diff --git a/docs/identitymanager/6.1/installation-guide/production-ready/agent/index.md b/docs/identitymanager/6.1/installation-guide/production-ready/agent/index.md index 52698ff1c9..986382d828 100644 --- a/docs/identitymanager/6.1/installation-guide/production-ready/agent/index.md +++ b/docs/identitymanager/6.1/installation-guide/production-ready/agent/index.md @@ -291,12 +291,10 @@ appsettings.agent.json ... "Connections": { "ADExport": { - "Servers": [ - { + "Servers": [{ "Server": "paris.contoso.com", "BaseDN": "DC=paris,DC=com" - } - ], + }], "AuthType": "Basic", "Login": "Login", "Password": "Password", diff --git a/docs/identitymanager/6.1/installation-guide/production-ready/email-server/index.md b/docs/identitymanager/6.1/installation-guide/production-ready/email-server/index.md index f837b17df8..b46bdd7e31 100644 --- a/docs/identitymanager/6.1/installation-guide/production-ready/email-server/index.md +++ b/docs/identitymanager/6.1/installation-guide/production-ready/email-server/index.md @@ -46,7 +46,7 @@ Here is an example with an external SMTP server. ``` -appsettings.json +**appsettings.json** { ... diff --git a/docs/identitymanager/6.1/installation-guide/production-ready/server/index.md b/docs/identitymanager/6.1/installation-guide/production-ready/server/index.md index 288fc62023..1ff7b5cd67 100644 --- a/docs/identitymanager/6.1/installation-guide/production-ready/server/index.md +++ b/docs/identitymanager/6.1/installation-guide/production-ready/server/index.md @@ -355,7 +355,7 @@ The password should always be encrypted using the ``` - appsettings.json +**appsettings.json** { ... "IdentityServer": { "X509KeyFilePath": "./identitymanagerContoso.pfx", "X509KeyFilePassword": "eff@�%fmel/" } ... } @@ -422,7 +422,7 @@ The service account used by the Server to access the Database is either: - A Windows account if the connection string was set up using `Integrated Security=SSPI`. - A SQL Server account if the connection string was set up with a login/password. -appsettings.json +**appsettings.json** ``` @@ -437,7 +437,7 @@ appsettings.json The **second example** sets a connection string using the SQL Server authentication. `CONTOSO/identitymanagerContosoServer` has been set as the Usercube Server IIS website identity. -appsettings.json +**appsettings.json** ``` diff --git a/docs/identitymanager/6.1/installation-guide/quick-start/index.md b/docs/identitymanager/6.1/installation-guide/quick-start/index.md index e696982df3..fb087deade 100644 --- a/docs/identitymanager/6.1/installation-guide/quick-start/index.md +++ b/docs/identitymanager/6.1/installation-guide/quick-start/index.md @@ -40,21 +40,27 @@ When extracting UsercubeBootstrap to the root of the computer, it looks like: **Step 5 –** Create a Sources folder in UsercubeBootstrap. -_Remember,_ if you don't have the UsercubeBootstrap folder or if you don't create the Sources +:::tip +Remember, if you don't have the UsercubeBootstrap folder or if you don't create the Sources folder, the Path in the Directory connection in the Runtime/appsettings.agent.json must be adapted. Note that you don't need to have a Directory.xlsx file at the location described by this Path for now. +::: + **Step 6 –** Create a database named Usercube, using the default options. -**NOTE:** When using a database server other than Microsoft SQL Server or a different database name, +:::note +When using a database server other than Microsoft SQL Server or a different database name, remember to change the connection string accordingly, in the Runtime/appsettings.json file and in the future command lines. +::: + **Step 7 –** Execute the Runtime/identitymanager.sql file in the database. **Step 8 –** Open a command prompt and deploy the configuration. See -the[ Usercube-Deploy-Configuration ](/docs/identitymanager/6.1/integration-guide/executables/references/deploy-configuration/index.md)topic +the[Usercube-Deploy-Configuration](/docs/identitymanager/6.1/integration-guide/executables/references/deploy-configuration/index.md)topic for additional information. In our example, the command would be, in the Runtime folder: @@ -67,7 +73,7 @@ script in the command line. ``` **Step 9 –** Launch the server. See -the[ Usercube-Server ](/docs/identitymanager/6.1/integration-guide/executables/references/server/index.md)topic +the[Usercube-Server](/docs/identitymanager/6.1/integration-guide/executables/references/server/index.md)topic for additional information. In our example, the command would be, still in the Runtime folder: diff --git a/docs/identitymanager/6.1/installation-guide/requirements/database-requirements/index.md b/docs/identitymanager/6.1/installation-guide/requirements/database-requirements/index.md index d1214eb506..b13a785ce8 100644 --- a/docs/identitymanager/6.1/installation-guide/requirements/database-requirements/index.md +++ b/docs/identitymanager/6.1/installation-guide/requirements/database-requirements/index.md @@ -13,7 +13,10 @@ This section identifies hardware and software requirements for Usercube's databa The database disk storage requirements depend on multiple factors as the database lifespan and the number of entries, for example 100,000 users can take up appropriately 10 GB of storage -**NOTE:** The maximum SQL Express database is 10 GB. +:::note +The maximum SQL Express database is 10 GB. +::: + ## Software @@ -97,7 +100,7 @@ Usercube to access the SQL Server database: Granting `bulkadmin` role to the server's service account requires access to an account member of the `sysadmin` or `securityadmin` server-level role on the target SQL Server. See the - [ Install the Server ](/docs/identitymanager/6.1/installation-guide/production-ready/server/index.md) + [Install the Server](/docs/identitymanager/6.1/installation-guide/production-ready/server/index.md) topic for additional information. For more information about identity and permission management in SQL Server, see @@ -122,5 +125,5 @@ must be set to 1 in the SQL database. ## What's Next? Let's move on to the requirements for Usercube's server. See the -[ Server ](/docs/identitymanager/6.1/installation-guide/requirements/server-requirements/index.md) +[Server](/docs/identitymanager/6.1/installation-guide/requirements/server-requirements/index.md) topic for additional information. diff --git a/docs/identitymanager/6.1/installation-guide/reverse-proxy/index.md b/docs/identitymanager/6.1/installation-guide/reverse-proxy/index.md index 3c8ed10f5c..ad643d94a1 100644 --- a/docs/identitymanager/6.1/installation-guide/reverse-proxy/index.md +++ b/docs/identitymanager/6.1/installation-guide/reverse-proxy/index.md @@ -73,11 +73,11 @@ directs incoming requests on `` from network 1 to a Usercube ser ``` -nginx.conf +**nginx.conf** worker_processes auto; -http { +**http {** ## # Basic Settings @@ -131,7 +131,7 @@ http { } } -} +**}** ```` @@ -189,7 +189,7 @@ server { listen default_server; server_name ; proxy_set_header X-Real-IP $remote_addr; } - } +**}** ``` diff --git a/docs/identitymanager/6.1/integration-guide/api/authentication/index.md b/docs/identitymanager/6.1/integration-guide/api/authentication/index.md index 3c8451b88c..fe6bf5a5ce 100644 --- a/docs/identitymanager/6.1/integration-guide/api/authentication/index.md +++ b/docs/identitymanager/6.1/integration-guide/api/authentication/index.md @@ -17,11 +17,11 @@ configuration element. The `client_id` parameter to use in calls to the OpenIdConnect protocol endpoints must be the concatenation of `clientId`, `@` and the domain of the application. -For example, client defined by +**For example, client defined by** ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/api/squery/index.md b/docs/identitymanager/6.1/integration-guide/api/squery/index.md index a8a3b7e6d2..098568469e 100644 --- a/docs/identitymanager/6.1/integration-guide/api/squery/index.md +++ b/docs/identitymanager/6.1/integration-guide/api/squery/index.md @@ -73,7 +73,10 @@ If select is not specified, API will just return queried elements' Ids. Last 100 started job's instances' Ids. -_Remember,_ The `Top` in the API queries had been deprecated and `PageSize`should be used instead. +:::tip +Remember, The `Top` in the API queries had been deprecated and `PageSize`should be used instead. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -102,8 +105,7 @@ script in the command line. ``` { -  "Result": [ -    { +  "Result": [{       "Id": "2147483653",       "Properties": [         { @@ -130,14 +132,12 @@ script in the command line.         {           "Id": "-9223372015379939312",           "Identifier": "WorkflowInstanceId" -        } -      ], +        }],       "Identifier": "AssignedCompositeRole"     },     {       "Id": "2147483654", -      "Properties": [ -        { +      "Properties": [{           "Id": "-9223372011084972031",           "Association1": {             "Id": "-9223372011084972031", @@ -161,8 +161,7 @@ script in the command line.         {           "Id": "-9223372011084972025",           "Identifier": "StartDate" -        } -      ], +        }],       "Identifier": "AssignedResourceNavigation"     }   ] diff --git a/docs/identitymanager/6.1/integration-guide/connectors/how-tos/powershell-fulfill/index.md b/docs/identitymanager/6.1/integration-guide/connectors/how-tos/powershell-fulfill/index.md index 3c0faefddd..1c797847a8 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/how-tos/powershell-fulfill/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/how-tos/powershell-fulfill/index.md @@ -70,8 +70,7 @@ and > "Connections": { > ... > "ADFulfillment": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "...", > "BaseDN": "..." > }, @@ -79,7 +78,7 @@ and > "Server": "paris.contoso.com", > "BaseDN": "DC=defense,DC=paris,DC=com" > } -> ], +>], > "AuthType": "Basic", > "Login": "...", > "Password": "...", diff --git a/docs/identitymanager/6.1/integration-guide/connectors/how-tos/scim-salesforce-provisioning-entitlements/index.md b/docs/identitymanager/6.1/integration-guide/connectors/how-tos/scim-salesforce-provisioning-entitlements/index.md index 6358359a72..4e160a67ed 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/how-tos/scim-salesforce-provisioning-entitlements/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/how-tos/scim-salesforce-provisioning-entitlements/index.md @@ -33,7 +33,7 @@ have an entity property with exactly `type` as identifier: ``` - +**** ``` @@ -41,7 +41,7 @@ And to map it in the `Entitlements` entity type mapping: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/connectors/how-tos/sharepoint-export/index.md b/docs/identitymanager/6.1/integration-guide/connectors/how-tos/sharepoint-export/index.md index c76319a707..440881507a 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/how-tos/sharepoint-export/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/how-tos/sharepoint-export/index.md @@ -108,7 +108,7 @@ The target path for these files can be set up using the following settings: ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "SharePointExportContoso": { "Server": "https://contoso.sharepoint.com/", "Login": "usercube.service@contoso.com", "Password": "19f23f48379d50a9a50b8c" } } } @@ -269,7 +269,7 @@ achieved with the `` tag and the following attributes: ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... ... @@ -311,7 +311,7 @@ elements. ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... @@ -359,7 +359,7 @@ EntityType property which is written to the **Identifier** attribute. ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... @@ -433,7 +433,7 @@ items. This is usually declared in the `Nav.xml` file in the configuration root ``` - Conf/Nav.xml +**Conf/Nav.xml** ... @@ -474,7 +474,7 @@ describes how a single resource should be displayed. ``` - Conf/SharePoint/SharePoint UI.xml +**Conf/SharePoint/SharePoint UI.xml** ... @@ -525,7 +525,7 @@ of the entity type is used. ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... @@ -578,7 +578,7 @@ other related operations. ``` - Conf/SharePoint/SharePoint Jobs.xml +**Conf/SharePoint/SharePoint Jobs.xml** ... @@ -638,7 +638,7 @@ Here, we focus on creating one profile, used by the Job and every Task of the Jo ``` - Conf/Profile AgentJob.xml +**Conf/Profile AgentJob.xml** ... ... @@ -730,7 +730,7 @@ The following example creates a ```ClientId/Secret``` pair to be used by the Age ``` - Conf/OpenIdClients.xml +**Conf/OpenIdClients.xml** ... diff --git a/docs/identitymanager/6.1/integration-guide/connectors/how-tos/write-fulfill-powershell-script/index.md b/docs/identitymanager/6.1/integration-guide/connectors/how-tos/write-fulfill-powershell-script/index.md index 76d9f95921..48f9c368b4 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/how-tos/write-fulfill-powershell-script/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/how-tos/write-fulfill-powershell-script/index.md @@ -87,8 +87,7 @@ The previous parameter `$order` is an object corresponding to the following prov ``` { - "ProvisioningOrdersList": [ - { + "ProvisioningOrdersList": [{ "AssignedResourceTypeId": "3930001", "ChangeType": "Added", "WorkflowInstanceId": "81", @@ -119,8 +118,7 @@ The previous parameter `$order` is an object corresponding to the following prov "firstName": "James", "lastName": "Bond" } - } - ] + }] } ``` diff --git a/docs/identitymanager/6.1/integration-guide/connectors/how-tos/write-ticket-template/index.md b/docs/identitymanager/6.1/integration-guide/connectors/how-tos/write-ticket-template/index.md index 24cbe3a5c0..d74ea57c2b 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/how-tos/write-ticket-template/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/how-tos/write-ticket-template/index.md @@ -64,7 +64,7 @@ messages can be shown if several changes meet the condition. Please create a resource "{{ResourceType}}" for user {{Username}}. -For more information on the user, see: {{UsercubeProfileLink}} +**For more information on the user, see: {{UsercubeProfileLink}}** {{#ifCond ProvisioningOrder.ChangeType '==' 'Deleted'}} To delete the account, please contact the IT team. diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/activedirectory/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/activedirectory/index.md index 062f5f942d..85e7f067c8 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/activedirectory/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/activedirectory/index.md @@ -104,12 +104,11 @@ The identifier of the connection and thus the name of the subsection must: > "Connections": { > "ADExport": { > "Filter": "(objectclass=*)", -> "Servers": [ -> { +> "Servers": [> { > "Server": "contoso.server.com", > "BaseDN": "DC=contoso,DC=com" > } -> ], +>], > "AuthType": "Basic", > "AsAdLds": false, > "EnableSSL": true, @@ -219,8 +218,7 @@ written to the same CSV file. > ... > "Connections": { > "ADExport": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "contoso.server.com", > "BaseDN": "DC=contoso,DC=com" > }, @@ -228,7 +226,7 @@ written to the same CSV file. > "Server": "contoso.server.com", > "BaseDN": "DC=defense,DC=contoso,DC=com" > } -> ], +>], > "AuthType": "Basic", > "Login": "Contoso", > "Password": "ContOso$123456789", @@ -262,12 +260,11 @@ Same as for export, fulfill is configured through connections. > "Connections": { > ... > "ADFulfillment": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "contoso.server.com", > "BaseDN": "DC=contoso,DC=com" > } -> ], +>], > "AuthType": "Basic", > "AsAdLds": "true", > "EnableSSL": true, @@ -319,8 +316,7 @@ domain, by specifying the **Server** and **BaseDN** pairs in **Servers** for all > "Connections": { > ... > "ADFulfillment": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "contoso.server.com", > "BaseDN": "DC=contoso,DC=com" > }, @@ -328,7 +324,7 @@ domain, by specifying the **Server** and **BaseDN** pairs in **Servers** for all > "Server": "contoso.server.com", > "BaseDN": "DC=defense,DC=contoso,DC=com" > } -> ], +>], > "AuthType": "Basic", > "Login": "Contoso", > "Password": "ContOso$123456789", diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/azure/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/azure/index.md index 0c7c8c9b60..3e029e1e79 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/azure/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/azure/index.md @@ -34,7 +34,7 @@ in the UI and/or the XML configuration, and in the `appsettings.agent.json > Con ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "": { ... } } } diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/azuread/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/azuread/index.md index 8b53a6b954..cf0bf7f0be 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/azuread/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/azuread/index.md @@ -51,7 +51,7 @@ in the UI and/or the XML configuration, and in the `appsettings.agent.json > Con ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "": { ... } } } diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/csv/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/csv/index.md index a665b5e80b..f34b85bb6d 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/csv/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/csv/index.md @@ -66,10 +66,9 @@ The identifier of the connection and thus the name of the subsection must: > "Separator": ";", > "IsFileNameRegex": true, > "NumberOfLinesToSkip": 1, -> "ValuesToTrim": [ -> "*", +> "ValuesToTrim": [> "*", > "%" -> ] +>] > } > } > } @@ -82,7 +81,90 @@ The identifier of the connection and thus the name of the subsection must: | Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | | PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | | IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | -| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `$` first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | +| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `--- +title: "CSV" +description: "CSV" +sidebar_position: 40 +--- + +# CSV + +This connector exports data from a [CSV file](https://en.wikipedia.org/wiki/Comma-separated_values). + +This page is about +[File/CSV](/docs/identitymanager/6.1/integration-guide/connectors/references-packages/csv/index.md). + +![Package: File/CSV](/img/product_docs/identitymanager/6.1/integration-guide/connectors/references-connectors/csv/packages_csv_v603.webp) + +## Overview + +Files in CSV format are commonly used to store information. + +## Prerequisites + +Implementing this connector requires the source file to be in CSV format. + +## Export + +This export copies the information found in a CSV file and transforms it into a new CSV file in the +Usercube's format. + +### Configuration + +This process is configured through a +[connection](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: + +``` +appsettings.agent.json +{ + ... + "Connections": { + ... + "": { + ... + } + } +} +``` + +The identifier of the connection and thus the name of the subsection must: + +- be unique. +- not begin with a digit. +- not contain `<`, `>`, `:`, `"`, `/`, `\`, `|`, `?`, `*` and `_`. + +> For example: +> +> ``` +> appsettings.agent.json +> { +> ... +> "Connections": { +> ... +> "HRContoso": { +> "Path": "C:/identitymanagerContoso/Contoso/hr_conto(.*?).csv", +> "PathIncremental": "C:/identitymanagerContoso/Contoso/hr_delta_conto(.*?).csv", +> "Encoding": "UTF-16", +> "Separator": ";", +> "IsFileNameRegex": true, +> "NumberOfLinesToSkip": 1, +> "ValuesToTrim": [> "*", +> "%" +>] +> } +> } +> } +> ``` + +#### Setting attributes + +| Name | Details | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | +| PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | +| IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | + first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | | | | | --- | --- | | Encoding default value: UTF-8 | **Type** String **Description** Encoding of the input file. [See the list of available encodings](https://learn.microsoft.com/en-us/dotnet/api/system.text.encoding#see-the-list-of-available-encodings). | diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/excel/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/excel/index.md index 5b9bd3087e..be51bf972d 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/excel/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/excel/index.md @@ -64,19 +64,106 @@ The identifier of the connection and thus the name of the subsection must: > "Path": "C:/identitymanagerContoso/Contoso/hr_conto(.*?).xlsx", > "PathIncremental": "C:/identitymanagerContoso/Contoso/hr_delta_conto(.*?).xlsx", > "IsFileNameRegex": "true", -> "SheetOptions": [ +> "SheetOptions": [> { +> "SheetIgnored": "false", +> "NumberOfLinesToSkip": 1 +> }, > { +> "SheetIgnored": "true" +> } +>], +> "ValuesToTrim": [> "$", +> "%" +>] +> } +> } +> } +> ``` + +#### Setting attributes + +| Name | Details | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | +| PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | +| IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | +| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `--- +title: "Microsoft Excel" +description: "Microsoft Excel" +sidebar_position: 140 +--- + +# Microsoft Excel + +This connector exports datasheets from a +[Microsoft Excel](https://www.microsoft.com/en-us/microsoft-365/excel) (XLSX) file. + +This page is about +[File/Microsoft Excel](/docs/identitymanager/6.1/integration-guide/connectors/references-packages/excel/index.md). + +![Package: File/Microsoft Excel](/img/product_docs/identitymanager/6.1/integration-guide/connectors/references-connectors/excel/packages_excel_v603.webp) + +## Overview + +Microsoft Excel files using the XLSX file format are commonly used to store information. + +## Prerequisites + +Implementing this connector requires the input file to be in the XLSX format. + +## Export + +This connector copies the information from an XLSX file into CSV files, one per spreadsheet, while +filtering out spreadsheets and trimming values if needed. + +### Configuration + +This process is configured through a +[connection](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: + +``` +appsettings.agent.json +{ + ... + "Connections": { + ... + "": { + ... + } + } +} +``` + +The identifier of the connection and thus the name of the subsection must: + +- be unique. +- not begin with a digit. +- not contain `<`, `>`, `:`, `"`, `/`, `\`, `|`, `?`, `*` and `_`. + +> For example: +> +> ``` +> appsettings.agent.json +> { +> ... +> "Connections": { +> ... +> "HRContoso": { +> "Path": "C:/identitymanagerContoso/Contoso/hr_conto(.*?).xlsx", +> "PathIncremental": "C:/identitymanagerContoso/Contoso/hr_delta_conto(.*?).xlsx", +> "IsFileNameRegex": "true", +> "SheetOptions": [> { > "SheetIgnored": "false", > "NumberOfLinesToSkip": 1 > }, > { > "SheetIgnored": "true" > } -> ], -> "ValuesToTrim": [ -> "$", +>], +> "ValuesToTrim": [> "$", > "%" -> ] +>] > } > } > } @@ -89,7 +176,7 @@ The identifier of the connection and thus the name of the subsection must: | Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | | PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | | IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | -| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `$` first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | + first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | | | | | --- | --- | | SheetOptions optional | **Type** SheetOption List **Description** List of options for each sheet of the input file. The first element of the list sets the options for the first sheet, the second element for the second sheet, etc. | diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/googleworkspace/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/googleworkspace/index.md index cba0474c5a..6dd457183d 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/googleworkspace/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/googleworkspace/index.md @@ -33,8 +33,11 @@ Implementing this connector requires: [See Google's documentation to create the service account with the right impersonation](https://developers.google.com/workspace/guides/create-credentials#see-googles-documentation-to-create-the-service-account-with-the-right-impersonation). - **Caution:** Google's documentation describes this procedure as optional, while the Google + :::warning + Google's documentation describes this procedure as optional, while the Google Workspace connector requires it. + ::: + ## Export diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/homefolder/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/homefolder/index.md index 35ed4026c8..1dd3fb2132 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/homefolder/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/homefolder/index.md @@ -72,10 +72,9 @@ The identifier of the connection and thus the name of the subsection must: > "Connections": { > ... > "HomeFolderExport": { -> "InputDirectories": [ -> "C:/ContosoFolder", +> "InputDirectories": [> "C:/ContosoFolder", > "C:/ContosoFolder2", -> ], +>], > "Domain": "Windows", > "Interactive": true, > "Login": "Contoso", diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/index.md index 3a19cd01a0..06f63f2c0e 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/index.md @@ -9,31 +9,31 @@ sidebar_position: 30 Connectors are the mechanisms that enable Usercube to read and write data to/from your organization's systems. Here is a list of reference connectors: -- [ Active Directory ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/activedirectory/index.md) +- [Active Directory](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/activedirectory/index.md) Exports and fulfills users and groups from/to an Active Directory instance. -- [ Azure ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/azure/index.md) +- [Azure](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/azure/index.md) Exports Azure resources, role definitions and assignments. -- [ CSV ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/csv/index.md) +- [CSV](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/csv/index.md) Exports data from a CSV file. -- [ EasyVista ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/easyvista/index.md) +- [EasyVista](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/easyvista/index.md) Exports and fulfills users from/to an EasyVista-compliant system. -- [ EasyVista Ticket ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/easyvistaticket/index.md) +- [EasyVista Ticket](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/easyvistaticket/index.md) Opens tickets in EasyVista for manual provisioning. -- [ Google Workspace ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/googleworkspace/index.md) +- [Google Workspace](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/googleworkspace/index.md) Exports and fulfills users and groups from/to a Google Workspace instance. -- [ Home Folder ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/homefolder/index.md) +- [Home Folder](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/homefolder/index.md) Exports home folders' content. @@ -45,15 +45,15 @@ organization's systems. Here is a list of reference connectors: Opens manual provisioning tickets in Usercube. -- [ JSON ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/json/index.md) +- [JSON](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/json/index.md) Generates JSON files for each provisioning order. -- [ LDAP ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldap/index.md) +- [LDAP](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldap/index.md) Exports and fulfills entries from/to a LDAP-compliant system. -- [ LDIF ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldif/index.md) +- [LDIF](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldif/index.md) Exports entries from a LDIF file. @@ -61,15 +61,15 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills user and groups from/to a Microsoft Entra ID instance. -- [ Microsoft Excel ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/excel/index.md) +- [Microsoft Excel](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/excel/index.md) Exports datasheets from a Microsoft Excel (XLSX) file. -- [ Microsoft Exchange ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/microsoftexchange/index.md) +- [Microsoft Exchange](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/microsoftexchange/index.md) Exports mailboxes from a Microsoft Exchange instance. -- [ OData ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/odata/index.md) +- [OData](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/odata/index.md) Exports and fulfills entries from/to an OData instance. @@ -77,23 +77,23 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills entries from/to an Okta instance. -- [ OpenLDAP ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/openldap/index.md) +- [OpenLDAP](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/openldap/index.md) Exports and fulfills entries from/to an OpenLDAP directory. -- [ PowerShellProv ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/powershellprov/index.md) +- [PowerShellProv](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/powershellprov/index.md) Writes to an external system via a PowerShell script. -- [ PowerShellSync ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/powershellsync/index.md) +- [PowerShellSync](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/powershellsync/index.md) Exports data from an external system via a Powershell script. -- [ RACF ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/racf/index.md) +- [RACF](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/racf/index.md) Exports users and profiles from a RACF file. -- [ Robot Framework ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/robotframework/index.md) +- [Robot Framework](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/robotframework/index.md) Writes to an external system via a Robot Framework script. @@ -101,7 +101,7 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills users and roles from/to a SAP ERP 6.0 or SAP S4/HANA instance. -- [ SAP Netweaver ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/saphana/index.md) +- [SAP Netweaver](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/saphana/index.md) Exports and fulfills users and roles from/to a SAP Netweaver instance. @@ -109,15 +109,15 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills entities from/to a SCIM-compliant application. -- [ ServiceNow ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) +- [ServiceNow](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) Exports and fulfills any data from/to a ServiceNow CMDB. -- [ ServiceNowTicket ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/servicenowticket/index.md) +- [ServiceNowTicket](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/servicenowticket/index.md) Opens tickets in ServiceNow for manual provisioning. -- [ SharedFolders ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sharedfolder/index.md) +- [SharedFolders](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sharedfolder/index.md) Exports users and permissions from Windows shared folders. @@ -125,18 +125,18 @@ organization's systems. Here is a list of reference connectors: Exports sites, folders, groups and permissions from a SharePoint instance. -- [ Sql ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sql/index.md) +- [Sql](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sql/index.md) Exports data from one of various Database Management Systems. -- [ Sql Server Entitlements ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md) +- [Sql Server Entitlements](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md) Exports entitlements from Microsoft SQL Server. -- [ Top Secret ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/topsecret/index.md) +- [Top Secret](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/topsecret/index.md) Exports users and profiles from a Top Secret (TSS) instance. -- [ Workday ](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/workday/index.md) +- [Workday](/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/workday/index.md) Exports users and groups from a Workday instance. diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalresources/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalresources/index.md index 3455a26543..c98696597b 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalresources/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalresources/index.md @@ -14,9 +14,9 @@ This page is about: - Ticket/identitymanager And Create/Update/Delete resources See the -[ Manual Ticket ](/docs/identitymanager/6.1/integration-guide/connectors/references-packages/manual-ticket/index.md) +[Manual Ticket](/docs/identitymanager/6.1/integration-guide/connectors/references-packages/manual-ticket/index.md) and -[ Manual Ticket and CUD Resources ](/docs/identitymanager/6.1/integration-guide/connectors/references-packages/manual-ticket-and-cud-resources/index.md) +[Manual Ticket and CUD Resources](/docs/identitymanager/6.1/integration-guide/connectors/references-packages/manual-ticket-and-cud-resources/index.md) topics for additional information. ![Package: Ticket/identitymanager](/img/product_docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalresources/packages_identitymanagerticket_v603.webp) @@ -24,5 +24,5 @@ topics for additional information. ![Package: Ticket/identitymanager And Create/Update/Delete resources](/img/product_docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalresources/packages_identitymanagerticketcud_v603.webp) See the -[ Provision Manually ](/docs/identitymanager/6.1/user-guide/administrate/provisioning/manual-provisioning/index.md) +[Provision Manually](/docs/identitymanager/6.1/user-guide/administrate/provisioning/manual-provisioning/index.md) topic for additional information. diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalworkflow/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalworkflow/index.md index d027e5b864..60a9fd5932 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalworkflow/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalworkflow/index.md @@ -9,7 +9,7 @@ sidebar_position: 90 This connector triggers workflows in Usercube for a system's provisioning orders. This page is about Usercube/Workflow. See the -[ Workflow ](/docs/identitymanager/6.1/integration-guide/connectors/references-packages/workflow/index.md) +[Workflow](/docs/identitymanager/6.1/integration-guide/connectors/references-packages/workflow/index.md) topic for additional information. ![Package: Usercube/Workflow](/img/product_docs/identitymanager/6.1/integration-guide/connectors/references-connectors/internalworkflow/packages_workflow_v603.webp) @@ -30,7 +30,7 @@ message and body. Implementing this connector requires: - Knowledge of the basic principles of Usercube's workflows. See the - [ Workflow ](/docs/identitymanager/6.1/integration-guide/connectors/references-packages/workflow/index.md) + [Workflow](/docs/identitymanager/6.1/integration-guide/connectors/references-packages/workflow/index.md) topic for additional information. - Configuring in Usercube the workflows for the arrival of a new user, the update of a pre-existing user, and for the departure of a user @@ -66,7 +66,10 @@ appsettings.agent.json } ``` -**NOTE:** The identifier of the connection and thus the name of the subsection must: +:::note +The identifier of the connection and thus the name of the subsection must: +::: + - be unique - not begin with a digit @@ -96,7 +99,7 @@ The configuration setting must have the following attributes: | ------------------------- | ------ | ------------------------------------------------------- | | WorkflowJsonPath required | String | Path of the JSON file used to configure this connector. | -WorkflowJsonPath +**WorkflowJsonPath** The file specified in WorkflowJsonPath must have a specific structure. @@ -112,8 +115,7 @@ FulfillInternalWorkflow.json   "NavigationToTargetEntity": "User",   "NavigationTargetToSource": "Records",   "TargetEntityTypeIdentifier": "Directory_User", -  "FulfillInternalWorkflowConfigurations": [ -    { +  "FulfillInternalWorkflowConfigurations": [{       "ChangeType": "Added",       "Model": {         "WorkflowIdentifier": "Directory_User_StartInternal", @@ -125,13 +127,10 @@ FulfillInternalWorkflow.json         "LastName",         "FirstName",         "ContractStartDate", -        "ContractEndDate" -      ], -      "NavigationProperties": [ -        "Category", +        "ContractEndDate"], +      "NavigationProperties": ["Category",         "Service", -        "Site" -      ] +        "Site"]     },     {       "ChangeType": "Modified", @@ -141,10 +140,8 @@ FulfillInternalWorkflow.json         "Message": "workflow Update: $Resource:LastName$ - $Resource:FirstName$, EmployeeId: $Resource:EmployeeId$",         "Body": "body of workflow Update for  $Resource:EmployeeId$ "       }, -      "ScalarProperties": [ -        "FirstName", -        "LastName" -      ] +      "ScalarProperties": ["FirstName", +        "LastName"]     },     {       "ChangeType": "Deleted", @@ -154,19 +151,20 @@ FulfillInternalWorkflow.json         "Message": "workflow end Directory_Person for $Resource:LastName$ - $Resource:FirstName$",         "Body": "body if workflow end for $Resource:LastName$ - $Resource:FirstName$"       }, -      "DateProperties": [ -        "ContractEndDate" -      ] +      "DateProperties": ["ContractEndDate"]     }   ] } ``` -_Remember,_ as workflows' aspects are computed during the fulfill process, all the required +:::tip +Remember, as workflows' aspects are computed during the fulfill process, all the required properties must be present in the provisioning order and in this JSON file. +::: + -Setting attributes +**Setting attributes** The table below summarizes the setting attributes. @@ -177,8 +175,8 @@ The table below summarizes the setting attributes. | DateProperties optional | DateTime List | List of the properties corresponding to the dates that the workflow is to fill in. **NOTE:** When not specified and ChangeType is set to Deleted, then the dates are filled with the workflow's execution date. | | Message required | String | Message sent to the accounts impacted by the workflow. | | NavigationProperties optional | String List | List of the navigation properties to get from the provisioning orders in order to complete the workflow. | -| NavigationTargetToSource optional | String | Navigation property that makes the link from the target entity type to the source entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[ Position Change via Records ](/docs/identitymanager/6.1/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information.[ Position Change via Records ](/docs/identitymanager/6.1/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) | -| NavigationToTargetEntity optional | String | Navigation property that makes the link from the source entity type to the target entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[ Position Change via Records ](/docs/identitymanager/6.1/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. | +| NavigationTargetToSource optional | String | Navigation property that makes the link from the target entity type to the source entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[Position Change via Records](/docs/identitymanager/6.1/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information.[Position Change via Records](/docs/identitymanager/6.1/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) | +| NavigationToTargetEntity optional | String | Navigation property that makes the link from the source entity type to the target entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[Position Change via Records](/docs/identitymanager/6.1/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. | | ScalarProperties optional | String List | List of the scalar properties to get from the provisioning orders in order to complete the workflow. | | SourceEntityIdentifier required | String | Identifier of the source entity type of the workflow. | | TransitionIdentifier required | String | Identifier of the workflow's transition after execution. | @@ -201,20 +199,20 @@ Internal Workflow. See the following to figure out authentication. -Password reset +**Password reset** This connector does not reset passwords. -Credential protection +**Credential protection** This connector has no credential attributes, and therefore does not use RSA encryption, nor a CyberArk Vault. See the -[ RSA Encryption ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) +[RSA Encryption](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) and -[ CyberArk's AAM Credential Providers ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md) +[CyberArk's AAM Credential Providers](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md) topics for additional information. Still, data protection can be ensured through an Azure Key Vault safe. See the -[ Azure Key Vault ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md)topic +[Azure Key Vault](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md)topic for additional -information.[ Azure Key Vault ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) +information.[Azure Key Vault](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldap/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldap/index.md index 508563f502..76ca6c71a0 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldap/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldap/index.md @@ -71,8 +71,7 @@ The identifier of the connection and thus the name of the subsection must: > "Connections": { > ... > "LDAPExport": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "contoso.server.com", > "AuthType": "Basic", > "Login": "Contoso", @@ -80,13 +79,12 @@ The identifier of the connection and thus the name of the subsection must: > "Controls": [ > "PagedResult", > "DomainScope" -> ], +>], > "NoSigning": false, > "EnableSSL": true > } > ], -> "Tables": [ -> { +> "Tables": [> { > "Table": "entries", > "BaseDN": "DC=contoso,DC=com", > "Filter": "(objectclass=*)", @@ -98,7 +96,7 @@ The identifier of the connection and thus the name of the subsection must: > "Filter": "(&(member=*)(objectclass=groupOfEntries))", > "Scope": "Subtree" > } -> ], +>], > "SizeLimit": 5000, > "TimeLimit": 5, > "TimeOut": 30 @@ -200,20 +198,18 @@ Same as for export, fulfill is configured through connections. > "Connections": { > ... > "LDAPFulfillment": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "contoso.server.com", > "AuthType": "Basic", > "Login": "Contoso", > "Password": "ContOso$123456789" > } -> ], -> "Tables": [ -> { +>], +> "Tables": [> { > "Table": "entries", > "BaseDN": "DC=contoso,DC=com" > } -> ], +>], > "IsLdapPasswordReset": true, > "AsAdLds": false > } diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldif/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldif/index.md index d864a31476..3d6fd43277 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldif/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/ldif/index.md @@ -67,7 +67,7 @@ The identifier of the connection and thus the name of the subsection must: > "LDIFFile": "C:/identitymanagerContoso/Contoso/contoso.ldif", > "FilterAttribute": "objectClass", > "FilterValues": "user organizationalUnit", -> "Attributes": [ "dn", "objectClass", "cn", "SAMAccountName", "Name", "userprincipalname" ], +> "Attributes": ["dn", "objectClass", "cn", "SAMAccountName", "Name", "userprincipalname"], > "LdifEncoding": "UTF-8", > } > } diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/okta/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/okta/index.md index 8c6c33684a..b227e85f61 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/okta/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/okta/index.md @@ -25,7 +25,7 @@ Implementing this connector requires: - An Okta Token with specific permissions on the target instance See the -[ appsettings.agent ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) +[appsettings.agent](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic for additional information. ### Configuration @@ -37,8 +37,11 @@ To configure the Okta connector it is necessary to: In order to do so you must connect to the Okta administration console `https://myexample-admin.okta.com` and create a new Netwrix Usercube user. -**NOTE:** For some Okta deployments it is possible to create a service account or to Manage an Okta +:::note +For some Okta deployments it is possible to create a service account or to Manage an Okta user account as a service account. +::: + **Step 2 –** Assign administrator role and permissions to the Netwrix Usercube user. @@ -267,7 +270,7 @@ appsettings.agent.json ### Password reset The password reset settings configuration is described in the appsettings.agent.json file. See the -[ appsettings.agent ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) +[appsettings.agent](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic for additional information. ### Credential protection diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/saperp6/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/saperp6/index.md index 37ce469f8e..f007547552 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/saperp6/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/saperp6/index.md @@ -25,7 +25,7 @@ an organization, such as finance, production, supply chain services, procurement Implementing this connector requires: - Reading first the appsettings documentation; See the - [ appsettings.agent ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic + [appsettings.agent](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic for additional information. - An ASE or HANA database with a service account, as a database administrator - A service account, as a SAP user with at least the roles for user management @@ -89,7 +89,7 @@ ABA.SAPSR3.USR11 to usercube grant select on ABA.SAPSR3.AGR_AGRS to usercube gra ABA.SAPSR3.USGRP to usercube grant select on ABA.SAPSR3.UST04 to usercube grant select on ABA.SAPSR3.AGR_TCODES to user grant select on ABA.SAPSR3.T002 to usercube Go -Set up the prerequisites for reading +**Set up the prerequisites for reading** To set up the prerequisites for reading follow the steps below. @@ -105,9 +105,12 @@ variables. **Step 3 –** Create environment variables: `HDBADOTNET=C:\hdbclient\ado.net` and `HDBADOTNETCORE=C:\hdbclient\dotnetcore`. -Set up the prerequisites for writing +**Set up the prerequisites for writing** + +:::note +Make sure the Read prerequisites are configured first. +::: -**NOTE:** Make sure the Read prerequisites are configured first. **Step 1 –** Copy the provided DLL `sapnwrfc.dl` into the Runtime of Usercube. @@ -133,7 +136,7 @@ from an SAP ERP instance, and writes the output to CSV files. This process is configured through a connection in the UI and/or the XML configuration, and in the **appsettings.agent.json** > **Connections** section. See the -[ Connection ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +[Connection](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. Code attributes enclosed with `< >` need to be replaced with a custom value before entering the @@ -152,7 +155,10 @@ appsettings.agent.json } ``` -_Remember,_ the identifier of the connection and thus the name of the subsection must: +:::tip +Remember, the identifier of the connection and thus the name of the subsection must: +::: + - Be unique - Not begin with a digit. @@ -255,12 +261,12 @@ appsettings.agent.json ### Password reset See the -[ appsettings.agent ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) +[appsettings.agent](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic for additional information on how to configure password reset settings. When setting a password for an SAP ERP user, the password attribute is defined by the password specified in the corresponding RessourceTypeMapping. See the -[ SapResourceTypeMapping ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/sapresourcetypemapping/index.md) +[SapResourceTypeMapping](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/sapresourcetypemapping/index.md) topic for additional information. ### Credential protection @@ -286,10 +292,10 @@ Data protection can be ensured through: - A CyberArk Vault able to store Active Directory's Login, Password, and Server. See the -[ RSA Encryption ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), -[ Azure Key Vault ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), +[RSA Encryption](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +[Azure Key Vault](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), and -[ CyberArk's AAM Credential Providers ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics +[CyberArk's AAM Credential Providers](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/scim/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/scim/index.md index 0fd5e5a1bd..e8ab6d52c9 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/scim/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/scim/index.md @@ -31,11 +31,14 @@ REST API with specific endpoints to get and set data in a web application for IG allows an identity provider to manage the web application's accounts. For more details about SCIM and RFC, see the [IETF document](https://tools.ietf.org/html/rfc7644). -**NOTE:** Similarly to the Salesforce REST-based API, SCIM for Salesforce enables reading and +:::note +Similarly to the Salesforce REST-based API, SCIM for Salesforce enables reading and writing attributes, but writes to a smaller subset. For example, the following properties are manageable by the Salesforce REST-based API but not SCIM: `PermissionSetGroup`, `PermissionSetLicense`, `UserPermissionsKnowledgeUser`, `UserPermissionsInteractionUser`, `UserPermissionsSupportUser`, `CallCenterId`, `SenderEmail`. +::: + See the [Salesforce's documentation](https://help.salesforce.com/s/articleView?id=sf.identity_scim_rest_api.htm&type=5) @@ -53,7 +56,7 @@ The implementation of the Salesforce connector requires the completion of the fo - Reset the user token - Configure the Salesforce connection -Connect the application +**Connect the application** To connect to the Salesforce application do the following: @@ -87,7 +90,7 @@ Scopes. **Step 8 –** Copy the Consumer Key and Consumer Secret in your Keypass. -Enable OAuth authentication +**Enable OAuth authentication** To enable the OAuth authentication do the following: @@ -102,7 +105,7 @@ To enable the OAuth authentication do the following: **Step 3 –** Go to **OAuth** and **OpenID Connect Settings** in the **Identity** drop-down menu, enable the option to **Allow OAuth Username-Password Flows**. -Reset the user token +**Reset the user token** To reset the user token do the following: @@ -120,7 +123,7 @@ To reset the user token do the following: **Step 4 –** An email containing the new token will be sent. -Configure the Salesforce connection +**Configure the Salesforce connection** To configure the Salesforce connection do the following: @@ -145,7 +148,7 @@ The configuration of the Salesforce connector is completed. This process is configured through a connection in the UI and/or the XML configuration, and in the **appsettings.agent.json** > **Connections** section. See the -[ Connection ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/connection/index.md): +[Connection](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/connection/index.md): topic for additional information. Code attributes enclosed with `< >` need to be replaced with a custom value before entering the @@ -164,7 +167,10 @@ appsettings.agent.json } ``` -_Remember,_ the identifier of the connection and thus the name of the subsection must: +:::tip +Remember, the identifier of the connection and thus the name of the subsection must: +::: + - Be unique - Not begin with a digit @@ -233,7 +239,7 @@ This connector is meant to generate to the ExportOutput folder the following CSV See the [Application Settings](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings/index.md) and -[ EntityTypeMapping ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +[EntityTypeMapping](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) topics for additional information. For the connector to work properly, the connection tables must follow the naming conventions too: @@ -344,10 +350,10 @@ Data protection can be ensured through: - A CyberArk Vault able to store Active Directory's Login, Password, and Server. See the -[ RSA Encryption ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), -[ Azure Key Vault ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), +[RSA Encryption](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +[Azure Key Vault](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), and -[ CyberArk's AAM Credential Providers ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics +[CyberArk's AAM Credential Providers](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sharedfolder/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sharedfolder/index.md index bd1d531275..e8c1983601 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sharedfolder/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sharedfolder/index.md @@ -71,10 +71,10 @@ The identifier of the connection and thus the name of the subsection must: > "Connections": { > ... > "SharedFolderExport": { -> "InputDirectories": [ "OfficeNetwork/R&D_Projects", "OfficeNetwork/Management", "C:/" ], +> "InputDirectories": ["OfficeNetwork/R&D_Projects", "OfficeNetwork/Management", "C:/"], > "OnlyDirectoryScan": "true", > "LevelOfScan": "12", -> "ListOfSIDToAvoid": [ "S-1-3-2-4", "S-5-7-6-8" ], +> "ListOfSIDToAvoid": ["S-1-3-2-4", "S-5-7-6-8"], > "Login": "account@example.com", > "Password": "accountexamplepassword", > "Domain": "Example", diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sharepoint/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sharepoint/index.md index 17e40ad3ca..2b3d3d65cb 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sharepoint/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sharepoint/index.md @@ -250,10 +250,10 @@ Data protection can be ensured through: - A CyberArk Vault able to store SharePoint's `Login` and `Password`. See the -[ RSA Encryption ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), -[ Azure Key Vault ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), +[RSA Encryption](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +[Azure Key Vault](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), and -[ CyberArk's AAM Credential Providers ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics +[CyberArk's AAM Credential Providers](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md index c88e1f7d13..2a03a37235 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md @@ -117,7 +117,7 @@ The identifier of the connection and thus the name of the subsection must: > ... > "SqlServerEntitlementsExport": { > "ConnectionString": "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;", -> "Databases": [ "UsercubeDemo", "AdventureWorks2017" ] +> "Databases": ["UsercubeDemo", "AdventureWorks2017"] > } > } > } diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/workday/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/workday/index.md index daecb41c23..cdca6255e5 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/workday/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-connectors/workday/index.md @@ -99,14 +99,13 @@ to be exported. > ``` > bodies.json > { -> "Requests": [ -> { +> "Requests": [> { > "XmlBody": " ", > "EntityName": "workers", > "IncrementalTag": "Transaction_Log_Criteria_Data", > "WebService": "Human_Resources/v34.2" > } -> ] +>] > } > ``` diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-packages/oracle-database/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-packages/oracle-database/index.md index b6453bbde1..2ca448b208 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-packages/oracle-database/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-packages/oracle-database/index.md @@ -25,4 +25,7 @@ To use this package, `Oracle.ManagedDataAccess.Core` needs to be [downloaded from the Oracle website](https://www.oracle.com/database/technologies/net-downloads.html) (selecting the `ODP.NET` release) and copied to the `Runtime` folder. -**NOTE:** The DLL in the "Oracle.ManagedDataAccess" package isn't compatible with .NET 8 +:::note +The DLL in the "Oracle.ManagedDataAccess" package isn't compatible with .NET 8 + +::: diff --git a/docs/identitymanager/6.1/integration-guide/connectors/references-packages/sql-server-entitlements/index.md b/docs/identitymanager/6.1/integration-guide/connectors/references-packages/sql-server-entitlements/index.md index 2e7cfe8a33..9f422c63d0 100644 --- a/docs/identitymanager/6.1/integration-guide/connectors/references-packages/sql-server-entitlements/index.md +++ b/docs/identitymanager/6.1/integration-guide/connectors/references-packages/sql-server-entitlements/index.md @@ -6,7 +6,7 @@ sidebar_position: 360 # SQL Server Entitlements -Exports SQL Server Entitlements +**Exports SQL Server Entitlements** | Package Characteristics | Value | | ----------------------- | ------------------------------------------ | diff --git a/docs/identitymanager/6.1/integration-guide/entity-model/index.md b/docs/identitymanager/6.1/integration-guide/entity-model/index.md index d42b83fdae..cb8437e172 100644 --- a/docs/identitymanager/6.1/integration-guide/entity-model/index.md +++ b/docs/identitymanager/6.1/integration-guide/entity-model/index.md @@ -110,7 +110,7 @@ Given a navigation property A of EntityType 1, linking EntityType 1 to navigatio EntityType 2, then navigation property B is called the reverse property of navigation property A and navigation property A is called the reverse property of navigation property B. -For example, +**For example,** - The _User_ entity type has the navigational property _Positions_ (a link to **zero or more_**Position_ entities); diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/anonymize/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/anonymize/index.md index eeb71f22be..3f24700451 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/anonymize/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/anonymize/index.md @@ -75,7 +75,7 @@ The following command outputs the anonymized data in STDOUT. ``` -./identitymanager-Anonymize.exe -n C:/Projects/identitymanager/Documentation/exampleSources/Anonymizer/users.csv -s "," --columns first_name,last_name,mail:email,number:phone +**./identitymanager-Anonymize.exe -n C:/Projects/identitymanager/Documentation/exampleSources/Anonymizer/users.csv -s "," --columns first_name,last_name,mail:email,number:phone** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/compute-correlationkeys/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/compute-correlationkeys/index.md index 2be9821d05..07e675602a 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/compute-correlationkeys/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/compute-correlationkeys/index.md @@ -15,7 +15,7 @@ string, for all entity types. ``` -./identitymanager-Compute-CorrelationKeys.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a +**./identitymanager-Compute-CorrelationKeys.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/configuration-transform/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/configuration-transform/index.md index dd64f2e361..57dfe77d6f 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/configuration-transform/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/configuration-transform/index.md @@ -21,11 +21,11 @@ The resulting files are saved in `C:/identitymanagerDemo/ConfTransformed`. ``` -./identitymanager-Configuration-Transform.exe --input "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/ConfTransformed" --transformation-file "C:/identitymanagerDemo/transformations.json" +**./identitymanager-Configuration-Transform.exe --input "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/ConfTransformed" --transformation-file "C:/identitymanagerDemo/transformations.json"** ``` -transformations.json +**transformations.json** ```json { diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/decrypt-file/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/decrypt-file/index.md index 3477761342..aa456839ec 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/decrypt-file/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/decrypt-file/index.md @@ -19,7 +19,7 @@ using the agent side certificate defined in the agent's `appsettings.json`. ``` -$decryptFile = & ./identitymanager-Decrypt-File.exe --files $ordersFile +**$decryptFile = & ./identitymanager-Decrypt-File.exe --files $ordersFile** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/deploy-configuration/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/deploy-configuration/index.md index 4190548a1d..638de57ba4 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/deploy-configuration/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/deploy-configuration/index.md @@ -29,7 +29,7 @@ remote configuration: ``` -./identitymanager-Deploy-Configuration.exe -d "C:/identitymanager/Conf" --api-url https://my_usercube_instance.com +**./identitymanager-Deploy-Configuration.exe -d "C:/identitymanager/Conf" --api-url https://my_usercube_instance.com** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/export-configuration/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/export-configuration/index.md index 7778f0ddaf..6969d67239 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/export-configuration/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/export-configuration/index.md @@ -76,7 +76,7 @@ remote configuration: ``` -./identitymanager-Export-Configuration.exe -d "C:/identitymanager/ExportedConf" --api-url https://my_usercube_instance.com +**./identitymanager-Export-Configuration.exe -d "C:/identitymanager/ExportedConf" --api-url https://my_usercube_instance.com** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/generate-configuration/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/generate-configuration/index.md index 651198ac7b..d314908414 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/generate-configuration/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/generate-configuration/index.md @@ -31,7 +31,7 @@ From a list of CSV files, generates the configuration of the entities representi complex connector requires as an argument an xml file containing all the CSV files to be processed as well as the primary keys of these files. -Example of xml file +**Example of xml file** ``` @@ -54,7 +54,7 @@ Example of xml file ``` -./identitymanager-Generate-Configuration.exe simpleconnector -g "C:/GeneratedFile/file" -f "C:/SourceFile/confFile.csv" +**./identitymanager-Generate-Configuration.exe simpleconnector -g "C:/GeneratedFile/file" -f "C:/SourceFile/confFile.csv"** ``` @@ -62,7 +62,7 @@ Example of xml file ``` -./identitymanager-Generate-Configuration.exe complexconnector -g "C:/GeneratedFile/file" "C:/SourceFile/confFile.xml" +**./identitymanager-Generate-Configuration.exe complexconnector -g "C:/GeneratedFile/file" "C:/SourceFile/confFile.xml"** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/invoke-serverjob/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/invoke-serverjob/index.md index 5ce61ecf7f..fd6f148446 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/invoke-serverjob/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/invoke-serverjob/index.md @@ -18,7 +18,7 @@ To know the task launch orders in job use the following exe: ``` -.\Usercube-Invoke-ServerJob.exe -g "CleanDatabase" -s secret +**.\Usercube-Invoke-ServerJob.exe -g "CleanDatabase" -s secret** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/login/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/login/index.md index 8bc1d31506..252f1cec78 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/login/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/login/index.md @@ -19,7 +19,7 @@ IDP that will provide you with the authentication token. ``` -./identitymanager-Login.exe +**./identitymanager-Login.exe** ``` @@ -30,7 +30,7 @@ redirected to the IDP that will provide you with the authentication token. ``` -./identitymanager-Login.exe --authority https://my_oidc_authentication_server.com --client-id 34b3c-fb45da-3ed32 +**./identitymanager-Login.exe --authority https://my_oidc_authentication_server.com --client-id 34b3c-fb45da-3ed32** ``` @@ -40,7 +40,7 @@ redirected to Usercube's IDP. that will provide you with the authentication toke ``` -./identitymanager-Login.exe --port 5050 +**./identitymanager-Login.exe --port 5050** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/manage-history/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/manage-history/index.md index 755342ffb8..f3b4e3d0cf 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/manage-history/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/manage-history/index.md @@ -17,7 +17,7 @@ which are the tables actually purged: `ur_resources`; `ur_resourcelinks`; ## Examples -Purge before a period +**Purge before a period** To clean the database periodically, it can be purged of all the history older than a given period of time. @@ -31,7 +31,7 @@ script in the command line. ./identitymanager-Manage-History.exe --purge-before-months 12 --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" ``` -Purge before a date +**Purge before a date** The database can be purged of all history older than a given date. @@ -44,7 +44,7 @@ script in the command line. ./identitymanager-Manage-History.exe --purge-before-date 19930526 --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" ``` -Optimize +**Optimize** The database's history can be optimized by removing intermediate versions based on their age, for example keeping only one version the last week, one per month the last 6 months and then one per @@ -78,7 +78,7 @@ you can specify a short duration that allows a single change, for example only o following example copies the previous one, in addition we want to keep all changes of the last 6 hours (360 minutes): `--optimize 1:360 1440:7 43920:6 525960:2`. -Clean duplicates +**Clean duplicates** As given data can have several versions in the database, redundant rows can be deleted and replaced with one row that covers the consolidated time range. @@ -90,7 +90,7 @@ script in the command line. ``` -./identitymanager-Manage-History.exe --clean-duplicates --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" +**./identitymanager-Manage-History.exe --clean-duplicates --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;"** ``` @@ -105,7 +105,7 @@ script in the command line. ``` -Solicit memory rather than the database +**Solicit memory rather than the database** To reduce the database load, the tool's optimizations can be made via the local device's memory. diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/protect-certificatepassword/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/protect-certificatepassword/index.md index 33e155a3ae..5386ffc2ea 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/protect-certificatepassword/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/protect-certificatepassword/index.md @@ -24,7 +24,7 @@ The output is the following : ``` -ep4BsLtg5RVFVI1kEIMZbV1q7Bg2eAFzeD73YX5fV7eklSIqcJcxHsCQbyY2zKLppXSX+Zpwm7xU5QY6DTAJleFbWsP/p0fjXUn1agy1tQ6l6t6wvURBZcePEgu+ivNjpUENbDIBotPdzbpISLJIjQbISzHDWnHuWPk/l8h0wXU=@WrAj9YdcNK8cQvfopZa5g1QFc1hk6nPolkwQAkU2ORfXupgV7kaWgKF4W/UmC0XXg4zuaqpVui6ivB0jbLTiXgQ62o+bG9ZSEJLaur4d20TMRNadqnWTWPWhVJF6XiS4jX7sDvVrZO3sKQJMNzZSeTKmsl0w0boCBEkuHsWDA24=@0oLLKxcTJGxSx1uGvhexEA== +**ep4BsLtg5RVFVI1kEIMZbV1q7Bg2eAFzeD73YX5fV7eklSIqcJcxHsCQbyY2zKLppXSX+Zpwm7xU5QY6DTAJleFbWsP/p0fjXUn1agy1tQ6l6t6wvURBZcePEgu+ivNjpUENbDIBotPdzbpISLJIjQbISzHDWnHuWPk/l8h0wXU=@WrAj9YdcNK8cQvfopZa5g1QFc1hk6nPolkwQAkU2ORfXupgV7kaWgKF4W/UmC0XXg4zuaqpVui6ivB0jbLTiXgQ62o+bG9ZSEJLaur4d20TMRNadqnWTWPWhVJF6XiS4jX7sDvVrZO3sKQJMNzZSeTKmsl0w0boCBEkuHsWDA24=@0oLLKxcTJGxSx1uGvhexEA==** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/protect-x509jsonfile/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/protect-x509jsonfile/index.md index 8ed58e6b96..448dbaf302 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/protect-x509jsonfile/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/protect-x509jsonfile/index.md @@ -26,7 +26,7 @@ and creates the `appsettings.encrypted.agent.json` file in the same folder. ``` -./identitymanager-Protect-X509JsonFile.exe --input-json-file-path "C:/identitymanagerTraining/appsettings.agent.json" --output-json-file-path "C:/identitymanagerTraining/appsettings.encrypted.agent.json" +**./identitymanager-Protect-X509JsonFile.exe --input-json-file-path "C:/identitymanagerTraining/appsettings.agent.json" --output-json-file-path "C:/identitymanagerTraining/appsettings.encrypted.agent.json"** ``` @@ -51,9 +51,7 @@ appsettings.agent.json "ApplicationUri": "http://localhost:3000" }, "NotificationSettings": { - "Cultures": [ - "en" - ] + "Cultures": ["en"] } }, ... @@ -81,9 +79,7 @@ appsettings.encrypted.agent.json "ApplicationUri": "kxABAFAEx4fWwG/ANPVTf/WGyccDxoR2xCy+x+U3Ny1KkqnOFw+SizePTgINTzBaYHLTHABQD0GWW6U+4qiG6DpcIcdAD0VVnddqB5a+YIE0reufXYhZTrDU/9yeG6aUWIHkLl9UudC/nnW6zMrjChiJhJvT7csFKdgbqUazZT56hR0i6XS36a5h2/tTWhbZTkk1Dil5JP7xUcu5CMWyXMUvGvK8gfQozYxo/DJTOiLrWjg5ION1yx+ZqPhcIUxgYaBjxSpfT6U9YMy5mE9JGqf7W76baS9fOVr3H1DAL02icX29uJAcsw1r9k1rJQIKEhAuqTNeuqF6C6iPHJAsail+iteOJEYgBSACRz7Te4t6Hp7PBs0FfP0WY1oL+1T+p7X+HaO1jAJhE50J2AKhGNXTZfE=" }, "NotificationSettings": { - "Cultures": [ - "kxABAPwTbpFUbP9xT9HyqtTuMLKT9sVD0Qq1kCsI44d12vJEcW2MMy9K5vKakwTPeJpvY6SafELoHc7AjKnh8ZJi0/Yu4dieE5W+5uXY1uaghYJ/2VjimzIsDhvRhm90xUlaMjdFBjx4HAnxBAtEbEjifdGHxZ0L9F305hXSTORj53u76ctCE5D9HPTN3AgLmyIGv5NExwhD4sgppbf6PWjTEZ7yNcoUpkkS4pJ6BMz+PaQo26A2rMP710zQgG72an4XvxSoR3SwSm0fhLCASgYi8YOZw0j/cfxl/LrW1EQ7gyW0/Mw9v1YRNH3DkbWSeHZ3odhDWdaWkzR6yOEt5hO60eM0w8Tjoed30Jwf+enf1rJFStDe/dhg6vjUIaTn6tt1Gw==" - ] + "Cultures": ["kxABAPwTbpFUbP9xT9HyqtTuMLKT9sVD0Qq1kCsI44d12vJEcW2MMy9K5vKakwTPeJpvY6SafELoHc7AjKnh8ZJi0/Yu4dieE5W+5uXY1uaghYJ/2VjimzIsDhvRhm90xUlaMjdFBjx4HAnxBAtEbEjifdGHxZ0L9F305hXSTORj53u76ctCE5D9HPTN3AgLmyIGv5NExwhD4sgppbf6PWjTEZ7yNcoUpkkS4pJ6BMz+PaQo26A2rMP710zQgG72an4XvxSoR3SwSm0fhLCASgYi8YOZw0j/cfxl/LrW1EQ7gyW0/Mw9v1YRNH3DkbWSeHZ3odhDWdaWkzR6yOEt5hO60eM0w8Tjoed30Jwf+enf1rJFStDe/dhg6vjUIaTn6tt1Gw=="] } }, ... @@ -97,7 +93,7 @@ agent during the synchronization process. The login to encrypt is stored in the following format, compliant with the [appsettings.agent.json structure](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md): -appsettings.beforeEncryption.json +**appsettings.beforeEncryption.json** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/protect-x509jsonvalue/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/protect-x509jsonvalue/index.md index d762b220c8..78cf1018db 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/protect-x509jsonvalue/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/protect-x509jsonvalue/index.md @@ -27,7 +27,7 @@ the `appsettings.agent.json` file. ``` -./identitymanager-Protect-X509JsonValue.exe --values "0" "secret" +**./identitymanager-Protect-X509JsonValue.exe --values "0" "secret"** ``` @@ -74,7 +74,7 @@ The output, in the console, shows the encrypted value for the _charlotte2028_ st ``` -kxABABJR7wYaQIqNjHT/rhYVMp5Vmsao7/eBLb7JCIiHMOKbi2sC0dY0SAJgj50NQ0kEH5LS3Y3TYso98+IdnxAzpURrtNu/LUWCJo1kTLM/taygebc0MK4XbkFmWzEgzLcVhAIy8GyFgEWqgNhOx7vwSPXFRrhQTVqIjwO0QNqxlZ5s6uyQm5fk9es2o6aLL0xwbvqspReFxZwuHrguAoIvkBnaKSsDfTLSuheP6VN7yOglLHvZ8Sn9R42M2BpG/dKIHXG6i1LkxkKoVKS9gFO7Hx8VUmYgxG+qIKTRVHdpMctqWKNUJTsQkmRKs+S3qiA2mgK/iC/dp923TfigAnBLWtyXw8eKDJjZ+s6n878BIf55iEjpgOrbm5FLzj8dfqPhQw== +**kxABABJR7wYaQIqNjHT/rhYVMp5Vmsao7/eBLb7JCIiHMOKbi2sC0dY0SAJgj50NQ0kEH5LS3Y3TYso98+IdnxAzpURrtNu/LUWCJo1kTLM/taygebc0MK4XbkFmWzEgzLcVhAIy8GyFgEWqgNhOx7vwSPXFRrhQTVqIjwO0QNqxlZ5s6uyQm5fk9es2o6aLL0xwbvqspReFxZwuHrguAoIvkBnaKSsDfTLSuheP6VN7yOglLHvZ8Sn9R42M2BpG/dKIHXG6i1LkxkKoVKS9gFO7Hx8VUmYgxG+qIKTRVHdpMctqWKNUJTsQkmRKs+S3qiA2mgK/iC/dp923TfigAnBLWtyXw8eKDJjZ+s6n878BIf55iEjpgOrbm5FLzj8dfqPhQw==** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/update-entitypropertyexpressions/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/update-entitypropertyexpressions/index.md index 6898c55b1e..3adde4b999 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/update-entitypropertyexpressions/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/update-entitypropertyexpressions/index.md @@ -16,7 +16,7 @@ string, for all entity types. ``` -./identitymanager-Update-EntityPropertyExpressions.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a +**./identitymanager-Update-EntityPropertyExpressions.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/upgrade-configurationversion/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/upgrade-configurationversion/index.md index 144110c6f2..be665c82a5 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/upgrade-configurationversion/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/upgrade-configurationversion/index.md @@ -13,7 +13,7 @@ latest version. ``` -./identitymanager-Upgrade-ConfigurationVersion.exe --version "5.1.0" --xml-path "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/Conf2" +**./identitymanager-Upgrade-ConfigurationVersion.exe --version "5.1.0" --xml-path "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/Conf2"** ``` diff --git a/docs/identitymanager/6.1/integration-guide/executables/references/upgrade-databaseversion/index.md b/docs/identitymanager/6.1/integration-guide/executables/references/upgrade-databaseversion/index.md index 88722321fd..1747848dff 100644 --- a/docs/identitymanager/6.1/integration-guide/executables/references/upgrade-databaseversion/index.md +++ b/docs/identitymanager/6.1/integration-guide/executables/references/upgrade-databaseversion/index.md @@ -16,7 +16,7 @@ folder of the newest version and launch the tool with the following argument: ``` -./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" +**./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString"** ``` @@ -30,7 +30,7 @@ The following example runs the database upgrade tool only for backward compatibl ``` -./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges +**./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges** ``` @@ -42,7 +42,7 @@ useful only when specifying `--mode BackwardCompatibleChanges`. ``` -./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges --execute-predefined +**./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges --execute-predefined** ``` diff --git a/docs/identitymanager/6.1/integration-guide/governance/accesscertification/index.md b/docs/identitymanager/6.1/integration-guide/governance/accesscertification/index.md index a58c38b951..9fd7d2ad42 100644 --- a/docs/identitymanager/6.1/integration-guide/governance/accesscertification/index.md +++ b/docs/identitymanager/6.1/integration-guide/governance/accesscertification/index.md @@ -193,7 +193,7 @@ The following example creates a new policy named `Manager`. ``` - +**** ``` @@ -233,7 +233,7 @@ The user needs to have the correct permission to launch the item processing: ``` - +** ** ``` diff --git a/docs/identitymanager/6.1/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md b/docs/identitymanager/6.1/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md index b2018e50a7..8075ae89d7 100644 --- a/docs/identitymanager/6.1/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md +++ b/docs/identitymanager/6.1/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md @@ -41,30 +41,36 @@ Integrators need to know: etc. from both Usercube-hard-coded and customized parts - what data needs to be displayed in the end -**NOTE:** Power BI is able to analyze all Usercube's data, hard-coded and customized, but only +:::note +Power BI is able to analyze all Usercube's data, hard-coded and customized, but only current data, i.e. nothing from the history. +::: + ## Analyze Usercube's Data with Power BI Build the universe model by proceeding as follows: **Step 1 –** Define the appropriate universes using scaffoldings. See -the[ queries ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) +the[queries](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) -_Remember,_ in order to understand business intelligence, with its universes, entity instances and +:::tip +Remember, in order to understand business intelligence, with its universes, entity instances and association instances. See -the[ Universe ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md)topic +the[Universe](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md)topic for additional information. Also note that XML objects that automatically generate XML snippets that would be complex and/or tedious to write manually. See -the[ Scaffoldings ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md)topic +the[Scaffoldings](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md)topic for additional information. +::: + Netwrix recommends creating no more than one universe to generate one report, to prevent issues about name uniqueness. **Step 2 –** Connect Power BI to Usercube to visualize the output model. See -the[ Connect Power BI to Usercube ](/docs/identitymanager/6.1/integration-guide/governance/reporting/how-tos/connect-powerbi/index.md) +the[Connect Power BI to Usercube](/docs/identitymanager/6.1/integration-guide/governance/reporting/how-tos/connect-powerbi/index.md) topic for additional information. The Power BI applications **Desktop**, **Service** and **Report Server** all offer the Usercube @@ -110,7 +116,7 @@ This is how you analyze Usercube data through Power BI. In order to maintain the model you must remenber the ones listed below. -Refresh data +**Refresh data** You must define, in Power BI Service or Report Server, a frequency for data refresh so that reports display up-to-date data. See @@ -119,7 +125,7 @@ additional information. Data is often refreshed once a day. Define the refresh frequency according to your needs. -Foresee the Impact of Model Modifications +**Foresee the Impact of Model Modifications** A change inside an existing entity, for example adding a scalar field, does not require any particular actions on the universe model. @@ -127,5 +133,5 @@ particular actions on the universe model. A change in an association requires making the corresponding change in the universe model, as association instances (in the universe model) are based on entity associations in Usercube's data model. See -the[ EntityAssociation ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +the[EntityAssociation](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) topic for additional information. diff --git a/docs/identitymanager/6.1/integration-guide/monitoring/how-tos/qradar-setting/index.md b/docs/identitymanager/6.1/integration-guide/monitoring/how-tos/qradar-setting/index.md index 2072eca406..62df201353 100644 --- a/docs/identitymanager/6.1/integration-guide/monitoring/how-tos/qradar-setting/index.md +++ b/docs/identitymanager/6.1/integration-guide/monitoring/how-tos/qradar-setting/index.md @@ -43,19 +43,15 @@ Export logs to a log management system by proceeding as follows: [`appsettings.json`](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings/index.md), make sure to have a **Serilog** section: - ``` - - appsettings.json - - { - ... - "Serilog": { - ... - } - ... - } - - ``` +```json +{ + ... + "Serilog": { + ... + } + ... +} +``` 2. In the **Serilog** section, add a **Using** section to contain the used sink which depends on the logs' destination, output format, etc. @@ -64,44 +60,36 @@ Export logs to a log management system by proceeding as follows: Concerning QRadar, NETWRIX strongly recommends using the JSON format, as it can be parsed by Usercube's DSM or easily by a homemade parser. - > For example, to produce a JSON output for QRadar: - > - > ``` - > - > appsettings.json - > - > { - > ... - > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], - > ... - > } - > ... - > } - > - > ``` - - > For example, to produce an output for Splunk: - > - > ``` - > - > appsettings.json - > - > { - > ... - > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Console", - > "Serilog.Sinks.Splunk.Durable" - > ], - > ... - > } - > ... - > } - > - > ``` + For example, to produce a JSON output for QRadar (in `appsettings.json`): + +```json +{ + ... + "Serilog": { + "Using": [ + "Serilog.Sinks.Network" + ], + ... + } + ... +} +``` + + For example, to produce an output for Splunk (in `appsettings.json`): + +```json +{ + ... + "Serilog": { + "Using": [ + "Serilog.Sinks.Console", + "Serilog.Sinks.Splunk.Durable" + ], + ... + } + ... +} +``` 3. Add a **MinimumLevel** section to define which logs are to be sent to the log management system. [See more details](/docs/identitymanager/6.1/integration-guide/monitoring/index.md). @@ -109,142 +97,122 @@ Export logs to a log management system by proceeding as follows: In order to be sent to any system, Usercube's logs must be configured with **MinimumLevel** set to `Information`, or lower. - > For example, we can define the logs' minimum level to `Information`. This way, all logs from - > the - > [log references](/docs/identitymanager/6.1/integration-guide/monitoring/references/index.md) - > with `Information` level or higher are sent. - > - > ``` - > - > appsettings.json - > - > { - > ... - > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], - > "MinimumLevel": { - > "Default": "Error", - > "Override": { - > "Usercube": "Information" - > } - > }, - > ... - > } - > ... - > } - > - > ``` + For example, we can define the logs' minimum level to `Information` (in `appsettings.json`): + +```json +{ + ... + "Serilog": { + "Using": [ + "Serilog.Sinks.Network" + ], + "MinimumLevel": { + "Default": "Error", + "Override": { + "Usercube": "Information" + } + }, + ... + } + ... +} +``` 4. Add a **WriteTo** section to specify the expected output. While **uri**/**host**/**splunkHost** specifies the IP address of the machine hosting your log management system, the rest of **Args** configuration must be set just like the examples below. - > For example, to produce a JSON output for QRadar: - > - > ``` - > - > appsettings.json - > - > { - > ... - > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], - > "MinimumLevel": { - > "Default": "Error", - > "Override": { - > "Usercube": "Information" - > } - > }, - > "WriteTo": [ - > { - > "Name": "UDPSink", - > "Args": { - > "uri": "192.168.13.110", - > "port": "514", - > "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" - > } - > } - > ] - > } - > } - > - > ``` - - > For example, to produce an RFC5424 output for QRadar - > ([see more information about UdpSyslog attributes](https://github.com/IonxSolutions/serilog-sinks-syslog#see-more-information-about-udpsyslog-attributes)): - > - > ``` - > - > appsettings.json - > - > { - > ... - > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], - > "MinimumLevel": { - > "Default": "Error", - > "Override": { - > "Usercube": "Information" - > } - > }, - > "WriteTo": [ - > { - > "Name": "UdpSyslog", - > "Args": { - > "host": "192.168.13.110", - > "port": "514", - > "appName": "Usercube", - > "format": "RFC5424", - > "facility": "Local0", - > "secureProtocols": "SecureProtocols.None", - > "outputTemplate": "[{Timestamp:HH:mm:ss} {Level:u3}] {Message:lj} {NewLine}{Exception}" - > } - > } - > ] - > } - > } - > - > ``` - - > For example, to produce an output for Splunk: - > - > ``` - > - > appsettings.json - > - > { - > ... - > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], - > "MinimumLevel": { - > "Default": "Error", - > "Override": { - > "Usercube": "Information" - > } - > }, - > "WriteTo": [ - > { - > "Name": "SplunkEventCollector", - > "Args": { - > "splunkHost": , - > "eventCollectorToken": "", - > "bufferFileFullName": "log-buffer.txt" - > } - > } - > ] - > } - > } - > - > ``` + For example, to produce a JSON output for QRadar (in `appsettings.json`): + +```json +{ + ... + "Serilog": { + "Using": [ + "Serilog.Sinks.Network" + ], + "MinimumLevel": { + "Default": "Error", + "Override": { + "Usercube": "Information" + } + }, + "WriteTo": [ + { + "Name": "UDPSink", + "Args": { + "uri": "192.168.13.110", + "port": "514", + "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" + } + } + ] + } +} +``` + + For example, to produce an RFC5424 output for QRadar (in `appsettings.json`): + +```json +{ + ... + "Serilog": { + "Using": [ + "Serilog.Sinks.Network" + ], + "MinimumLevel": { + "Default": "Error", + "Override": { + "Usercube": "Information" + } + }, + "WriteTo": [ + { + "Name": "UdpSyslog", + "Args": { + "host": "192.168.13.110", + "port": "514", + "appName": "Usercube", + "format": "RFC5424", + "facility": "Local0", + "secureProtocols": "SecureProtocols.None", + "outputTemplate": "[{Timestamp:HH:mm:ss} {Level:u3}] {Message:lj} {NewLine}{Exception}" + } + } + ] + } +} +``` + + For example, to produce an output for Splunk (in `appsettings.json`): + +```json +{ + ... + "Serilog": { + "Using": [ + "Serilog.Sinks.Network" + ], + "MinimumLevel": { + "Default": "Error", + "Override": { + "Usercube": "Information" + } + }, + "WriteTo": [ + { + "Name": "SplunkEventCollector", + "Args": { + "splunkHost": "", + "eventCollectorToken": "", + "bufferFileFullName": "log-buffer.txt" + } + } + ] + } +} +``` 5. When needing to restrict the logs sent to the system, add a filter and wrap all **WriteTo** configuration into a sub-logger, in which case the **Name** at **WriteTo**'s root must be @@ -263,109 +231,101 @@ Export logs to a log management system by proceeding as follows: Never include logs with event ids inferior to 500, in order not to be overwhelmed with logs improper to be used by SIEM systems like QRadar. - > The following example filters out any log whose event id is lower than 500. - > - > ``` - > - > appsettings.json - > - > { - > ... - > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], - > "MinimumLevel": { - > "Default": "Error", - > "Override": { - > "Usercube": "Information" - > } - > }, - > "WriteTo": [ - > { - > "Name": "Logger", - > "Args": { - > "configureLogger": { - > "WriteTo": [ - > { - > "Name": "UDPSink", - > "Args": { - > "uri": "192.168.13.110", - > "port": "514", - > "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" - > } - > } - > ], - > "Filter": [ - > { - > "Name": "ByIncludingOnly", - > "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - > } - > ] - > } - > } - > } - > ... - > ] - > } - > } - > - > ``` - > - > You could want to filter out the logs whose event ids are 500 too, by replacing - > `EventId.Id >= 500` with `EventId.Id >= 501` in the filter. Or you could want to filter out - > only the logs whose event ids are 502, by replacing `EventId.Id >= 500` with - > `EventId.Id >= 500 and EventId.Id <> 502` in the filter. + For example, to filter out any log whose event id is lower than 500 (in `appsettings.json`): + +```json +{ + ... + "Serilog": { + "Using": [ + "Serilog.Sinks.Network" + ], + "MinimumLevel": { + "Default": "Error", + "Override": { + "Usercube": "Information" + } + }, + "WriteTo": [ + { + "Name": "Logger", + "Args": { + "configureLogger": { + "WriteTo": [ + { + "Name": "UDPSink", + "Args": { + "uri": "192.168.13.110", + "port": "514", + "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" + } + } + ], + "Filter": [ + { + "Name": "ByIncludingOnly", + "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } + } + ] + } + } + } + ] + } +} +``` + + You could want to filter out the logs whose event ids are 500 too, by replacing + `EventId.Id >= 500` with `EventId.Id >= 501` in the filter. Or you could want to filter out + only the logs whose event ids are 502, by replacing `EventId.Id >= 500` with + `EventId.Id >= 500 and EventId.Id <> 502` in the filter. 6. When needing to override the log level for this particular sub-logger, add an additional **MinimalLevel** section in the **WriteTo** section. - > ``` - > - > appsettings.json - > - > { - > ... - > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], - > "MinimumLevel": { - > "Default": "Error", - > "Override": { - > "Usercube": "Information" - > } - > }, - > "WriteTo": [ - > { - > "Name": "Logger", - > "Args": { - > "configureLogger": { - > "MinimumLevel": { - > "Default": "Warning" - > }, - > "WriteTo": [ - > { - > "Name": "UDPSink", - > "Args": { - > "uri": "192.168.13.110", - > "port": "514", - > "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" - > } - > } - > ], - > "Filter": [ - > { - > "Name": "ByIncludingOnly", - > "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - > } - > ] - > } - > } - > } - > ... - > ] - > } - > } - > - > ``` + For example, to override the log level for this particular sub-logger (in `appsettings.json`): + +```json +{ + ... + "Serilog": { + "Using": [ + "Serilog.Sinks.Network" + ], + "MinimumLevel": { + "Default": "Error", + "Override": { + "Usercube": "Information" + } + }, + "WriteTo": [ + { + "Name": "Logger", + "Args": { + "configureLogger": { + "MinimumLevel": { + "Default": "Warning" + }, + "WriteTo": [ + { + "Name": "UDPSink", + "Args": { + "uri": "192.168.13.110", + "port": "514", + "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" + } + } + ], + "Filter": [ + { + "Name": "ByIncludingOnly", + "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } + } + ] + } + } + } + ] + } +} +``` diff --git a/docs/identitymanager/6.1/integration-guide/monitoring/index.md b/docs/identitymanager/6.1/integration-guide/monitoring/index.md index 90de6b1951..884b6d20a6 100644 --- a/docs/identitymanager/6.1/integration-guide/monitoring/index.md +++ b/docs/identitymanager/6.1/integration-guide/monitoring/index.md @@ -156,17 +156,14 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Network" - ], + "Using": ["Serilog.Sinks.Network"], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Destination1", "Args": { "uri": "192.168.13.110", @@ -181,14 +178,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - } - ] + }] } } ``` @@ -202,17 +196,14 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Network" - ], + "Using": ["Serilog.Sinks.Network"], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Logger1", "Args": { "configureLogger": { @@ -227,14 +218,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - } - ] + }] } } }, @@ -245,8 +233,7 @@ appsettings.json "MinimumLevel": { "Default": "Information" }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Destination2", "Args": { "uri": "192.168.13.100", @@ -261,14 +248,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Test') and EventId.Id >= 800" } - } - ] + }] } } } @@ -292,15 +276,13 @@ can have both Serilog writing to the log file and Usercube reading it to display { ... "Serilog": { - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true, } - } - ] + }] } } ``` @@ -330,17 +312,14 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Network" - ], + "Using": ["Serilog.Sinks.Network"], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Logger", "Args": { "configureLogger": { @@ -355,14 +334,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - } - ] + }] } } } @@ -383,9 +359,7 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Syslog" - ], + "Using": ["Serilog.Sinks.Syslog"], "MinimumLevel": { "Default": "Error", "Override": { @@ -459,15 +433,13 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true, } - } - ] + }] } } ``` @@ -483,7 +455,7 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ "Console" ], + "WriteTo": ["Console"], }, "LogsPath": "C:/inetpub/logs/LogFiles" } @@ -500,18 +472,16 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ "Console" ], - "Using": [ "Serilog.Sinks.File" ], + "WriteTo": ["Console"], + "Using": ["Serilog.Sinks.File"], "MinimumLevel": "Error", - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true } - } - ] + }] } } ``` @@ -528,18 +498,16 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ "Console" ], - "Using": [ "Serilog.Sinks.File" ], + "WriteTo": ["Console"], + "Using": ["Serilog.Sinks.File"], "MinimumLevel": "Error", - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true } - } - ] + }] } } ``` @@ -560,8 +528,7 @@ appsettings.json "Usercube": "Debug" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Async", "Args": { "configure": [ @@ -572,8 +539,7 @@ appsettings.json "shared: true, "buffered": "true" } - } - ] + }] } }, { diff --git a/docs/identitymanager/6.1/integration-guide/monitoring/references/index.md b/docs/identitymanager/6.1/integration-guide/monitoring/references/index.md index 1beb482559..ee082c1693 100644 --- a/docs/identitymanager/6.1/integration-guide/monitoring/references/index.md +++ b/docs/identitymanager/6.1/integration-guide/monitoring/references/index.md @@ -13,11 +13,11 @@ for example QRadar. The description will use this template for each log: -EventId id: int +**EventId id: int** EventId name: string -LogLevel: Trace||Verbose||Debug||Information||Warning||Error||Critical +**LogLevel: Trace||Verbose||Debug||Information||Warning||Error||Critical** Arguments: @@ -30,11 +30,11 @@ The EventId id must be unique so we could use it to filter the logs we send, see #### 500 -EventId id: 500 +**EventId id: 500** EventId name: Workflow.StartWorkflowInstance -LogLevel: Information +**LogLevel: Information** Arguments: @@ -46,11 +46,11 @@ Arguments: #### 501 -EventId id: 501 +**EventId id: 501** EventId name: Workflow.ResumeWorkflowInstance -LogLevel: Information +**LogLevel: Information** Arguments: @@ -62,11 +62,11 @@ Arguments: #### 502 -EventId id: 502 +**EventId id: 502** EventId name: SelectEntityByIdQueryHandler.Handle -LogLevel: Information +**LogLevel: Information** Arguments: @@ -76,11 +76,11 @@ Arguments: #### 503 -EventId id: 503 +**EventId id: 503** EventId name: SelectEntityByIdQueryHandler.Handle -LogLevel: Error +**LogLevel: Error** Arguments: diff --git a/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md b/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md index f5d963830a..49baae014f 100644 --- a/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md +++ b/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md @@ -42,7 +42,7 @@ JSON files can contain any additional information that you might find useful. Se | Databases optional | **Type** List of Databases **Description** Names and connection strings of all databases used by the agent through [`InvokeSqlCommandTask`](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md), other than Usercube's database and other than the databases provided in Usercube's available packages. This subsection contains a subsection for each additional database. `{ � "Databases": { "": "" } }`**Example**`{ � "Databases": { "UsercubeContoso": "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" } }` | | OpenId optional | **Type** [OpenId](#openid) **Description** OpenId information, i.e. the ClientIds and related ClientSecrets that the agent may use to authenticate to the server in order to launch jobs and tasks. In order to launch jobs and tasks, the profiles related to these OpenId credentials must possess the required permissions. See examples below. | | PasswordResetSettings optional | **Type** [PasswordResetSettings](#passwordresetsettings) **Description** Parameters which configure the reset password process for the managed systems that support it. See examples below. | -| SourcesRootPaths optional | **Type** String Array **Description** List of folder paths from which Usercube is allowed to read. This option is used to validate the sources files defined in file-based connections. These paths are case sensitive. **Example**`{ � "SourcesRootPaths": [ "C:/identitymanagerContoso/SourceHR", "C:/identitymanagerContoso/SourcesPhone" ] }` | +| SourcesRootPaths optional | **Type** String Array **Description** List of folder paths from which Usercube is allowed to read. This option is used to validate the sources files defined in file-based connections. These paths are case sensitive. **Example**`{ � "SourcesRootPaths": ["C:/identitymanagerContoso/SourceHR", "C:/identitymanagerContoso/SourcesPhone"] }` | | TaskAgentConfiguration optional | **Type** [TaskAgentConfiguration](#taskagentconfiguration) **Description** Various settings to customize the behavior of some agent tasks. See examples below. | ## OpenId diff --git a/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings/index.md b/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings/index.md index 213f55b297..29a5d91a51 100644 --- a/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings/index.md +++ b/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings/index.md @@ -9,8 +9,11 @@ sidebar_position: 10 This section describes the settings available in the agent's appsettings.json file, located in the agent's working directory or in environment variables. -**NOTE:** JSON files can contain any additional information that you might find useful. See the +:::note +JSON files can contain any additional information that you might find useful. See the example below. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -43,13 +46,13 @@ The appsettings set allows the following attributes and sections: | EncryptionCertificate (required) | EncryptionCertificate | Settings to configure the encryption of specific files. | | IdentityServer (required) | IdentityServer | Settings to configure the agent's encrypted network communication, for example with the server or a browser. | | Authentication (required) | Authentication | Settings to configure end-user authentication, for example for users to launch a job from the UI. | -| Serilog (optional) | Logger setting | Settings to configure the logging service, complying to the Logger properties and structure. See the [ Monitoring ](/docs/identitymanager/6.1/integration-guide/monitoring/index.md) topic for additional information. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {   "Serilog": {     "WriteTo": [ "Console" ],     "MinimumLevel": {       "Default": "Error",       "Override": {         "Usercube": "Information"         }       }     } }                         ` | +| Serilog (optional) | Logger setting | Settings to configure the logging service, complying to the Logger properties and structure. See the [Monitoring](/docs/identitymanager/6.1/integration-guide/monitoring/index.md) topic for additional information. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {   "Serilog": {     "WriteTo": ["Console"],     "MinimumLevel": {       "Default": "Error",       "Override": {         "Usercube": "Information"         }       }     } }                         ` | | Cors (optional) | Cors | Settings to configure the agent's [CORS policy](https://developer.mozilla.org/fr/docs/Web/HTTP/CORS), which is useful when using non-integrated agents. | | ApplicationInsights (optional) | ApplicationInsights | Settings to plug to and configure the [AppInsights](https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview) monitoring tool. | | TempFolderPath (optional) | String | Path to the temporary folder which contains: - ExportOutput: directory storing data exported from connectors. - JobLogs: directory storing task instance logs. - Reports: directory storing generated reports. - Packages: directory storing the downloaded package logos. - PolicySimulations: directory storing the files generated by policy simulations. - ProvisioningCache.txt: file storing the clustered provisioning cache. When enabled, this file can be used to coordinate the API cache among clusters. - CorrelationCache.txt - RiskCache.txt - ExpressionCache.txt - scheduler.lock - connector.txt - container.reset.txt: file acting as a reset command for Usercube's server, i.e. any change to this file triggers the reset service, thus reloading all the services instantiated by the server. Note that this path can be overridden by **ResetSettings** > **FilepathResetService**. - Mails: directory storing the email messages. Note that this path can be overridden by **ResetSettings** > **PickupDirectory**. - Deployment these elements can be removed, but make sure to restart the server after doing so. Example: `appsettings.json {   "TempFolderPath": "../Temp" }` | | WorkFolderPath (optional) | String | Path of the work folder which contains: - Collect: directory storing the CSV source files exported by connectors. - ProvisioningOrders: directory storing the orders generated by the server. - FulfillPowerShell: PowerShell provisioner's working directory. - FulfillRobotFramework: Robot Framework's provisioner working directory. - ExportCookies: directory storing the cookies used for incremental export. - Synchronization: directory storing the agent's data collection results. - Upload: directory storing the uploaded media like uploaded pictures, before they are inserted into the database. - appsettings.connection.json These elements must not be removed, because doing so may disrupt Usercube's execution after restarting. Example: `appsettings.json {   "WorkFolderPath": "../Work" }` | | JobLaunchTimeout default value: 7500 | String | Time period (in milliseconds) after which, if a launched job has not started, it is considered in error. Example: `appsettings.json {   "JobLaunchTimeout": 9000 }` | -| InvokeSqlCommands default value: null | String | List of parameter sets used to override InvokeSqlCommandTasks' SQLInputFile and OutputPath parameters from the XML configuration. See the [ InvokeSqlCommandTask ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokesqlcommandtask/index.md) topic for additional information. For each task to override, the key must be the task's identifier. Example: `appsettings.json  {        "InvokeSqlCommands": {         "InvokeSqlCommandTask_Identifier": {           "SQLInputFile": "YourInputFilePath",           "OutputPath": "YourOutputFilePath"  },         } }` | +| InvokeSqlCommands default value: null | String | List of parameter sets used to override InvokeSqlCommandTasks' SQLInputFile and OutputPath parameters from the XML configuration. See the [InvokeSqlCommandTask](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokesqlcommandtask/index.md) topic for additional information. For each task to override, the key must be the task's identifier. Example: `appsettings.json  {        "InvokeSqlCommands": {         "InvokeSqlCommandTask_Identifier": {           "SQLInputFile": "YourInputFilePath",           "OutputPath": "YourOutputFilePath"  },         } }` | ## Jobs @@ -72,7 +75,7 @@ appsettings.json | Name | Type | Description | | --------------------------------- | ----- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| MaxTaskBatchSize default value: 5 | Int64 | Maximum number of tasks that can be launched simultaneously, thus avoiding timeout issues. When executing a job, Usercube launches simultaneously the tasks of a same Level. See the [ Job ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/job/index.md) topic for additional information. If the number of same-level tasks exceeds MaxTaskBatchSize, then Usercube inserts new levels. These effective levels can be seen in the job's logs or with the Usercube-Get-JobSteps executable. See the [ Usercube-Get-JobSteps ](/docs/identitymanager/6.1/integration-guide/executables/references/get-jobsteps/index.md) topic for additional information. | +| MaxTaskBatchSize default value: 5 | Int64 | Maximum number of tasks that can be launched simultaneously, thus avoiding timeout issues. When executing a job, Usercube launches simultaneously the tasks of a same Level. See the [Job](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/job/index.md) topic for additional information. If the number of same-level tasks exceeds MaxTaskBatchSize, then Usercube inserts new levels. These effective levels can be seen in the job's logs or with the Usercube-Get-JobSteps executable. See the [Usercube-Get-JobSteps](/docs/identitymanager/6.1/integration-guide/executables/references/get-jobsteps/index.md) topic for additional information. | ## Scheduler @@ -113,14 +116,17 @@ This information can be set one of two ways: identified by SubjectDistinguishedName or by Thumbprint. The Windows certificate also contains both the public key certificate and the private key. - **NOTE:** Netwrix recommends using Windows' certificate store. + :::note + Netwrix recommends using Windows' certificate store. + ::: + On the other hand, the PFX file takes priority over Windows' certificate, which means that when File is specified then the PFX certificate is used, even if the options for Windows' certificate are specified too. In both ways, missing and/or incorrect settings trigger an error and no certificate is loaded. -As a PFX file +**As a PFX file** For example: @@ -145,19 +151,22 @@ The archive is set using the following attributes: | File (required) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the host file system. | | Password (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. | -**NOTE:** Storing a .pfx file password in plain text in a production environment is strongly +:::note +Storing a .pfx file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword tool. See -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.1/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/6.1/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. +::: + The archive is set using the following attributes: | Name | Type | Description | | ------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | File (required) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the host file system. | -| Password (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. storing a .pfx file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword.exe tool. See the [ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.1/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. | +| Password (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. storing a .pfx file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword.exe tool. See the [Usercube-Protect-CertificatePassword](/docs/identitymanager/6.1/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. | -As a Certificate in the Windows Store +**As a Certificate in the Windows Store** For example: @@ -185,11 +194,11 @@ The Windows certificate is set using these attributes: | StoreLocation (required) | String | Location of the relevant Windows certificate store: LocalMachine or CurrentUser. | | StoreName (required) | String | Name of the relevant Windows certificate store. | -Using Azure Key Vault +**Using Azure Key Vault** If the certificate is saved in Azure Key Vault, we must define the certificate identifier and the Vault connection. See the -[ Azure Key Vault ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) +[Azure Key Vault](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -206,7 +215,7 @@ script in the command line. Just like the Encryption Certificate, this information can be set one of two ways. -As a PFX file +**As a PFX file** For example: @@ -229,13 +238,16 @@ The archive is set using the following attributes: | X509KeyFilePath (required) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the agent's host file system. | | X509KeyFilePassword (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. | -**NOTE:** Storing a .pfx file password in plain text in a production environment is strongly +:::note +Storing a .pfx file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.1/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/6.1/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. +::: -As a Certificate in the Windows Store + +**As a Certificate in the Windows Store** For example: @@ -260,8 +272,11 @@ The certificate is set using these attributes: | X509SubjectDistinguishedName (optional) | String | SubjectDistinguishedName of the certificate. It is required when X509Thumbprint is not defined. | | X509Thumbprint (optional) | String | Thumbprint of the certificate. It is required when X509SubjectDistinguishedName is not defined. | -**NOTE:** If you are using the certificate provided in the SDK, the agent will fail when launching. +:::note +If you are using the certificate provided in the SDK, the agent will fail when launching. You must create your own certificate. +::: + You can get the DistinguishedName of the certificate using OpenSSL: @@ -341,6 +356,9 @@ The application insights details are: | -------------------------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | InstrumentationKey default value: null | String | Key linked to the AppInsights instance to which the server's logs, requests, dependencies and performance are to be sent. See Microsoft's documentation to create an[ instrumentation key](https://docs.microsoft.com/en-us/azure/azure-monitor/app/create-new-resource). | -**NOTE:** The logs sent to AppInsights are configured through the Logger properties. See the -[ Monitoring ](/docs/identitymanager/6.1/integration-guide/monitoring/index.md) topic +:::note +The logs sent to AppInsights are configured through the Logger properties. See the +[Monitoring](/docs/identitymanager/6.1/integration-guide/monitoring/index.md) topic for additional information. + +::: diff --git a/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md b/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md index 16fba37a14..ae61db7a9d 100644 --- a/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md +++ b/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md @@ -44,10 +44,10 @@ The important part of adding a secret in Azure Key Vault is defining its name an > > ``` > -> appsettings.agent.json { ... "Connections": { ... "ADExport": { "Servers": [ > { > "Server": > +> appsettings.agent.json { ... "Connections": { ... "ADExport": { "Servers": [> { > "Server": > > "paris.contoso.com", > "BaseDN": "DC=paris,DC=com" > }, > { > "Server": "marseille.contoso.com", > > -> > "BaseDN": "DC=defense,DC=marseille,DC=com" > } > ], "AuthType": "Basic", "Login": "login123", +> > "BaseDN": "DC=defense,DC=marseille,DC=com" > } >], "AuthType": "Basic", "Login": "login123", > > "Password": "password123", "Filter": "(objectclass=\*)", "EnableSSL": "false", } } } > > ```` diff --git a/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md b/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md index bd20eda2d1..20d0b3aa5e 100644 --- a/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md +++ b/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md @@ -292,14 +292,13 @@ In this file: > "AD_Export": { > "Login": "AdAccount", > "Password": "AdAccount", -> "Servers": [ -> { +> "Servers": [> { > "Server": "AdAccount" > }, > { > "Server": "AdServer2" > } -> ] +>] > } > } > } diff --git a/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md b/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md index d5498a943c..fdb1205e5c 100644 --- a/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md +++ b/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md @@ -125,7 +125,7 @@ Authentication is set up using the following two sections of the Server's `appse ``` -\{ "IdentityServer":\{ ... \}, "Authentication":\{ ... \} \} +**\{ "IdentityServer":\{ ... \}, "Authentication":\{ ... \} \}** ```` diff --git a/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/general-purpose/index.md b/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/general-purpose/index.md index 9f61336a22..454f3efbae 100644 --- a/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/general-purpose/index.md +++ b/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/general-purpose/index.md @@ -42,7 +42,7 @@ The `appsettings` set allows the following attributes and sections: | NotUseAgent default value: false | **Type** Boolean **Description** `True` to disable the use of the [agent](/docs/identitymanager/6.1/integration-guide/architecture/index.md). **Example**`appsettings.json { � "NotUseAgent": true }` | | OpenIdClients optional | **Type** OpenIdClient List **Description** List of hashed secrets used to override the plain-text secrets from the [OpenIdClient](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) XML configuration. **Info:** this way, Usercube stores only hashed secrets, for security purposes. **Note:** each environment must have its own secret, distinct from the others. **Example**`appsettings.json { � "OpenIdClients": { "Job": { "HashedSecret": "K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols" }, "PowerBI": { "HashedSecret": "7b8N2NWka5alDrjM7rFqf7+xqq9LIcT5jSoQ+1Ci2V0" } } }` | | PowerBISettings optional | **Type** [PowerBISettings](#powerbisettings) **Description** Settings to configure the API used by Power BI to access Usercube data. | -| Serilog optional | **Type** [Serilog](/docs/identitymanager/6.1/integration-guide/monitoring/index.md) **Description** Settings to configure the logging service, complying to the [Logger](/docs/identitymanager/6.1/integration-guide/monitoring/index.md) properties and structure. **Example**`appsettings.json { � "Serilog": { "WriteTo": [ "Console" ], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } } } }` | +| Serilog optional | **Type** [Serilog](/docs/identitymanager/6.1/integration-guide/monitoring/index.md) **Description** Settings to configure the logging service, complying to the [Logger](/docs/identitymanager/6.1/integration-guide/monitoring/index.md) properties and structure. **Example**`appsettings.json { � "Serilog": { "WriteTo": ["Console"], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } } } }` | | Swagger optional | **Type** [Swagger](#swagger) **Description** Enabling [Swagger](https://swagger.io/tools/swagger-ui/) enables visualizing and interacting with the API's resources without having any of the implementation logic in place. **Info:** it is automatically generated from Usercube's API, with the visual documentation making it easy for back-end implementation and client-side consumption. | | TempFolderPath default value: ../Temp | **Type** String **Description** Path to the temporary folder which contains: - `ExportOutput`: directory storing data exported from connectors. - `JobLogs`: directory storing task instance logs. - `Reports`: directory storing generated reports. - `Packages`: directory storing the downloaded package logos. - `PolicySimulations`: directory storing the files generated by policy simulations. - `ProvisioningCache.txt`: file storing the clustered provisioning cache. **Note:** when enabled, this file can be used to coordinate the API cache among clusters. - `CorrelationCache.txt` - `RiskCache.txt` - `ExpressionCache.txt` - `scheduler.lock` - `connector.txt` - `container.reset.txt`: file acting as a reset command for Usercube's server, i.e. any change to this file triggers the reset service, thus reloading all the services instantiated by the server. **Note:** this path can be overridden by **ResetSettings** > **FilepathResetService**. - `Mails`: directory storing the email messages. **Note:** this path can be overridden by **ResetSettings** > **PickupDirectory**. - `Deployment` **Note:** these elements can be removed, but make sure to restart the server after doing so. **Example**`appsettings.json { � "TempFolderPath": "../Temp" }` | | WorkFolderPath default value: ../Work | **Type** String **Description** Path of the work folder which contains: - `Collect`: directory storing the CSV source files exported by connectors. - `ProvisioningOrders`: directory storing the orders generated by the server. - `FulfillPowerShell`: PowerShell provisioner's working directory. - `FulfillRobotFramework`: Robot Framework's provisioner working directory. - `ExportCookies`: directory storing the cookies used for incremental export. - `Synchronization`: directory storing the agent's data collection results. - `Upload`: directory storing the uploaded media like uploaded pictures, before they are inserted into the database. - `appsettings.connection.json` **Note:** these elements must not be removed, because doing so may disrupt Usercube's execution after restarting. **Example**`appsettings.json { � "WorkFolderPath": "../Work" }` | diff --git a/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/index.md b/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/index.md index c562ae2dc6..75bbe50a8c 100644 --- a/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/index.md +++ b/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/index.md @@ -15,7 +15,7 @@ The Server configuration is included in the Server's appsettings set. The appsettings set content can be written to appsettings.json in the Server's working directory or to environment variables. See the -[ Architecture ](/docs/identitymanager/6.1/integration-guide/architecture/index.md) +[Architecture](/docs/identitymanager/6.1/integration-guide/architecture/index.md) topic for additional information. The server appsettings supported attributes and sections are described in the following sections: @@ -25,10 +25,10 @@ The server appsettings supported attributes and sections are described in the fo - General-Purpose Settings See -the[ Connection to the Database ](/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/database-connection/index.md), -[ End-User Authentication ](/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md) +the[Connection to the Database](/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/database-connection/index.md), +[End-User Authentication](/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md) and -[ Application Settings ](/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/general-purpose/index.md) +[Application Settings](/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topics for additional information. ## Secret and Certificate Management @@ -36,7 +36,7 @@ topics for additional information. All the certificates and secrets present in the settings can be loaded with an Azure Key Vault. See the -[ Azure Key Vault ](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) +[Azure Key Vault](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) topic for additional information. ## Default Configuration diff --git a/docs/identitymanager/6.1/integration-guide/network-configuration/settings/index.md b/docs/identitymanager/6.1/integration-guide/network-configuration/settings/index.md index 3389723286..dc1242c827 100644 --- a/docs/identitymanager/6.1/integration-guide/network-configuration/settings/index.md +++ b/docs/identitymanager/6.1/integration-guide/network-configuration/settings/index.md @@ -16,7 +16,7 @@ This setting is used to track the current configuration version. ``` - +**** ``` @@ -30,7 +30,7 @@ This setting is used to customize the application display. ``` - +**** ``` @@ -103,7 +103,7 @@ The max number of links to display is 5. ``` - +**** ``` @@ -188,7 +188,7 @@ This setting is used to filter the entity type used by authentication mechanism. ``` - +**** ``` @@ -204,7 +204,7 @@ This setting enables task delegation to a group of people. ``` - +**** ``` @@ -234,7 +234,7 @@ using the following setting: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/notifications/native/errored-jobs/index.md b/docs/identitymanager/6.1/integration-guide/notifications/native/errored-jobs/index.md index 70f0d97387..e449438d6b 100644 --- a/docs/identitymanager/6.1/integration-guide/notifications/native/errored-jobs/index.md +++ b/docs/identitymanager/6.1/integration-guide/notifications/native/errored-jobs/index.md @@ -10,7 +10,7 @@ Usercube is able to send notification emails when a job ends with an error. The is sent to the user who has the necessary rights and the permission. See the -[ Native Notifications ](/docs/identitymanager/6.1/integration-guide/notifications/native/index.md) +[Native Notifications](/docs/identitymanager/6.1/integration-guide/notifications/native/index.md) and -[ Profiles & Permissions ](/docs/identitymanager/6.1/integration-guide/profiles-permissions/index.md) +[Profiles & Permissions](/docs/identitymanager/6.1/integration-guide/profiles-permissions/index.md) topics for additional information. diff --git a/docs/identitymanager/6.1/integration-guide/profiles-permissions/how-tos/create-assign-profiles/index.md b/docs/identitymanager/6.1/integration-guide/profiles-permissions/how-tos/create-assign-profiles/index.md index 9cc37fe715..c47face64c 100644 --- a/docs/identitymanager/6.1/integration-guide/profiles-permissions/how-tos/create-assign-profiles/index.md +++ b/docs/identitymanager/6.1/integration-guide/profiles-permissions/how-tos/create-assign-profiles/index.md @@ -12,7 +12,7 @@ these profiles automatically. ## Create a Profile Here is the xml configuration to create a profile in Usercube. See the -[ Profile ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) +[Profile](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -42,7 +42,7 @@ script in the command line. The Usercube-Set-InternalUserProfiles task is mandatory to automatically assign the profile. The task can be selected from the Job provisioning list. See the -[ SetInternalUserProfilesTask ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +[SetInternalUserProfilesTask](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the diff --git a/docs/identitymanager/6.1/integration-guide/profiles-permissions/permissions/index.md b/docs/identitymanager/6.1/integration-guide/profiles-permissions/permissions/index.md index 12f2c3170b..473a9ce5cb 100644 --- a/docs/identitymanager/6.1/integration-guide/profiles-permissions/permissions/index.md +++ b/docs/identitymanager/6.1/integration-guide/profiles-permissions/permissions/index.md @@ -8,15 +8,15 @@ sidebar_position: 10 ### /AccessCertification/AccessCertificationCampaign/Create -Permission to create objects of type AccessCertificationCampaign +**Permission to create objects of type AccessCertificationCampaign** ### /AccessCertification/AccessCertificationCampaign/Delete -Permission to delete objects of type AccessCertificationCampaign +**Permission to delete objects of type AccessCertificationCampaign** ### /AccessCertification/AccessCertificationCampaign/Process -Permission to process AccessCertificationCampaign decisions +**Permission to process AccessCertificationCampaign decisions** ### /AccessCertification/AccessCertificationCampaign/Query @@ -24,7 +24,7 @@ Permission to query and read objects of type AccessCertificationCampaign ### /AccessCertification/AccessCertificationCampaign/Update -Permission to update objects of type AccessCertificationCampaign +**Permission to update objects of type AccessCertificationCampaign** ### /AccessCertification/AccessCertificationCampaignPolicy/Query @@ -32,11 +32,11 @@ Permission to query and read objects of type AccessCertificationCampaignPolicy ### /AccessControl/AccessControlEntry/Create -Permission to create objects of type AccessControlEntry +**Permission to create objects of type AccessControlEntry** ### /AccessControl/AccessControlEntry/Delete -Permission to delete objects of type AccessControlEntry +**Permission to delete objects of type AccessControlEntry** ### /AccessControl/AccessControlEntry/Query @@ -44,15 +44,15 @@ Permission to query and read objects of type AccessControlEntry ### /AccessControl/AccessControlEntry/Update -Permission to update objects of type AccessControlEntry +**Permission to update objects of type AccessControlEntry** ### /AccessControl/AccessControlFilter/Create -Permission to create objects of type AccessControlFilter +**Permission to create objects of type AccessControlFilter** ### /AccessControl/AccessControlFilter/Delete -Permission to delete objects of type AccessControlFilter +**Permission to delete objects of type AccessControlFilter** ### /AccessControl/AccessControlFilter/Query @@ -60,7 +60,7 @@ Permission to query and read objects of type AccessControlFilter ### /AccessControl/AccessControlFilter/Update -Permission to update objects of type AccessControlFilter +**Permission to update objects of type AccessControlFilter** ### /AccessControl/AccessControlPermission/Query @@ -68,11 +68,11 @@ Permission to query and read objects of type AccessControlPermission ### /AccessControl/AccessControlRule/Create -Permission to create objects of type AccessControlRule +**Permission to create objects of type AccessControlRule** ### /AccessControl/AccessControlRule/Delete -Permission to delete objects of type AccessControlRule +**Permission to delete objects of type AccessControlRule** ### /AccessControl/AccessControlRule/Query @@ -80,15 +80,15 @@ Permission to query and read objects of type AccessControlRule ### /AccessControl/AccessControlRule/Update -Permission to update objects of type AccessControlRule +**Permission to update objects of type AccessControlRule** ### /AccessControl/AssignedProfile/Create -Permission to create objects of type AssignedProfile +**Permission to create objects of type AssignedProfile** ### /AccessControl/AssignedProfile/Delete -Permission to delete objects of type AssignedProfile +**Permission to delete objects of type AssignedProfile** ### /AccessControl/AssignedProfile/Query @@ -96,15 +96,15 @@ Permission to query and read objects of type AssignedProfile ### /AccessControl/AssignedProfile/Update -Permission to update objects of type AssignedProfile +**Permission to update objects of type AssignedProfile** ### /AccessControl/OpenIdClient/Create -Permission to create objects of type OpenIdClient +**Permission to create objects of type OpenIdClient** ### /AccessControl/OpenIdClient/Delete -Permission to delete objects of type OpenIdClient +**Permission to delete objects of type OpenIdClient** ### /AccessControl/OpenIdClient/Query @@ -112,15 +112,15 @@ Permission to query and read objects of type OpenIdClient ### /AccessControl/OpenIdClient/Update -Permission to update objects of type OpenIdClient +**Permission to update objects of type OpenIdClient** ### /AccessControl/Profile/Create -Permission to create objects of type Profile +**Permission to create objects of type Profile** ### /AccessControl/Profile/Delete -Permission to delete objects of type Profile +**Permission to delete objects of type Profile** ### /AccessControl/Profile/Query @@ -128,7 +128,7 @@ Permission to query and read objects of type Profile ### /AccessControl/Profile/Update -Permission to update objects of type Profile +**Permission to update objects of type Profile** ### /AccessControl/ProfileRuleContext/Query @@ -136,11 +136,11 @@ Permission to query and read objects of type ProfileRuleContext ### /Connectors/Agent/Create -Permission to create objects of type Agent +**Permission to create objects of type Agent** ### /Connectors/Agent/Delete -Permission to delete objects of type Agent +**Permission to delete objects of type Agent** ### /Connectors/Agent/Query @@ -148,15 +148,15 @@ Permission to query and read objects of type Agent ### /Connectors/Agent/Update -Permission to update objects of type Agent +**Permission to update objects of type Agent** ### /Connectors/Connection/Create -Permission to create objects of type Connection +**Permission to create objects of type Connection** ### /Connectors/Connection/Delete -Permission to delete objects of type Connection +**Permission to delete objects of type Connection** ### /Connectors/Connection/Query @@ -164,7 +164,7 @@ Permission to query and read objects of type Connection ### /Connectors/Connection/Update -Permission to update objects of type Connection +**Permission to update objects of type Connection** ### /Connectors/ConnectionColumn/Query @@ -180,11 +180,11 @@ Permission to query and read objects of type ConnectionTable ### /Connectors/Connector/Create -Permission to create objects of type Connector +**Permission to create objects of type Connector** ### /Connectors/Connector/Delete -Permission to delete objects of type Connector +**Permission to delete objects of type Connector** ### /Connectors/Connector/Query @@ -192,15 +192,15 @@ Permission to query and read objects of type Connector ### /Connectors/Connector/Update -Permission to update objects of type Connector +**Permission to update objects of type Connector** ### /Connectors/EntityAssociationMapping/Create -Permission to create objects of type EntityAssociationMapping +**Permission to create objects of type EntityAssociationMapping** ### /Connectors/EntityAssociationMapping/Delete -Permission to delete objects of type EntityAssociationMapping +**Permission to delete objects of type EntityAssociationMapping** ### /Connectors/EntityAssociationMapping/Query @@ -208,15 +208,15 @@ Permission to query and read objects of type EntityAssociationMapping ### /Connectors/EntityAssociationMapping/Update -Permission to update objects of type EntityAssociationMapping +**Permission to update objects of type EntityAssociationMapping** ### /Connectors/EntityPropertyMapping/Create -Permission to create objects of type EntityPropertyMapping +**Permission to create objects of type EntityPropertyMapping** ### /Connectors/EntityPropertyMapping/Delete -Permission to delete objects of type EntityPropertyMapping +**Permission to delete objects of type EntityPropertyMapping** ### /Connectors/EntityPropertyMapping/Query @@ -224,15 +224,15 @@ Permission to query and read objects of type EntityPropertyMapping ### /Connectors/EntityPropertyMapping/Update -Permission to update objects of type EntityPropertyMapping +**Permission to update objects of type EntityPropertyMapping** ### /Connectors/EntityTypeMapping/Create -Permission to create objects of type EntityTypeMapping +**Permission to create objects of type EntityTypeMapping** ### /Connectors/EntityTypeMapping/Delete -Permission to delete objects of type EntityTypeMapping +**Permission to delete objects of type EntityTypeMapping** ### /Connectors/EntityTypeMapping/Query @@ -240,7 +240,7 @@ Permission to query and read objects of type EntityTypeMapping ### /Connectors/EntityTypeMapping/Update -Permission to update objects of type EntityTypeMapping +**Permission to update objects of type EntityTypeMapping** ### /Connectors/EntityTypeMappingByConnectorIdQuery/Query @@ -450,11 +450,11 @@ recipient's type: `Profile`. ### /Jobs/Job/Create -Permission to create objects of type Job +**Permission to create objects of type Job** ### /Jobs/Job/Delete -Permission to delete objects of type Job +**Permission to delete objects of type Job** ### /Jobs/Job/Query @@ -462,15 +462,15 @@ Permission to query and read objects of type Job ### /Jobs/Job/Update -Permission to update objects of type Job +**Permission to update objects of type Job** ### /Jobs/JobInstance/Create -Permission to create objects of type JobInstance +**Permission to create objects of type JobInstance** ### /Jobs/JobInstance/Delete -Permission to delete objects of type JobInstance +**Permission to delete objects of type JobInstance** ### /Jobs/JobInstance/Query @@ -478,15 +478,15 @@ Permission to query and read objects of type JobInstance ### /Jobs/JobInstance/Update -Permission to update objects of type JobInstance +**Permission to update objects of type JobInstance** ### /Jobs/JobStep/Create -Permission to create objects of type JobStep +**Permission to create objects of type JobStep** ### /Jobs/JobStep/Delete -Permission to delete objects of type JobStep +**Permission to delete objects of type JobStep** ### /Jobs/JobStep/Query @@ -494,11 +494,11 @@ Permission to query and read objects of type JobStep ### /Jobs/JobStep/Update -Permission to update objects of type JobStep +**Permission to update objects of type JobStep** ### /Jobs/RunJob/GetLog -Read permission for JobLog +**Read permission for JobLog** ### /Jobs/RunJob/Launch/Aborted @@ -542,11 +542,11 @@ Permission to send notification for job relaunched which ends in state Warning ### /Jobs/Task/Create -Permission to create objects of type Task +**Permission to create objects of type Task** ### /Jobs/Task/Delete -Permission to delete objects of type Task +**Permission to delete objects of type Task** ### /Jobs/Task/Query @@ -554,15 +554,15 @@ Permission to query and read objects of type Task ### /Jobs/Task/Update -Permission to update objects of type Task +**Permission to update objects of type Task** ### /Jobs/TaskDependOnTask/Create -Permission to create objects of type TaskDependOnTask +**Permission to create objects of type TaskDependOnTask** ### /Jobs/TaskDependOnTask/Delete -Permission to delete objects of type TaskDependOnTask +**Permission to delete objects of type TaskDependOnTask** ### /Jobs/TaskDependOnTask/Query @@ -570,15 +570,15 @@ Permission to query and read objects of type TaskDependOnTask ### /Jobs/TaskDependOnTask/Update -Permission to update objects of type TaskDependOnTask +**Permission to update objects of type TaskDependOnTask** ### /Jobs/TaskDimension/Create -Permission to create objects of type TaskDimension +**Permission to create objects of type TaskDimension** ### /Jobs/TaskDimension/Delete -Permission to delete objects of type TaskDimension +**Permission to delete objects of type TaskDimension** ### /Jobs/TaskDimension/Query @@ -586,15 +586,15 @@ Permission to query and read objects of type TaskDimension ### /Jobs/TaskDimension/Update -Permission to update objects of type TaskDimension +**Permission to update objects of type TaskDimension** ### /Jobs/TaskEntityType/Create -Permission to create objects of type TaskEntityType +**Permission to create objects of type TaskEntityType** ### /Jobs/TaskEntityType/Delete -Permission to delete objects of type TaskEntityType +**Permission to delete objects of type TaskEntityType** ### /Jobs/TaskEntityType/Query @@ -602,7 +602,7 @@ Permission to query and read objects of type TaskEntityType ### /Jobs/TaskEntityType/Update -Permission to update objects of type TaskEntityType +**Permission to update objects of type TaskEntityType** ### /Jobs/TaskIdByIdentifiersQuery/Query @@ -610,11 +610,11 @@ Permission to query and read objects of type TaskIdByIdentifiersQuery ### /Jobs/TaskInstance/Create -Permission to create objects of type TaskInstance +**Permission to create objects of type TaskInstance** ### /Jobs/TaskInstance/Delete -Permission to delete objects of type TaskInstance +**Permission to delete objects of type TaskInstance** ### /Jobs/TaskInstance/Query @@ -622,15 +622,15 @@ Permission to query and read objects of type TaskInstance ### /Jobs/TaskInstance/Update -Permission to update objects of type TaskInstance +**Permission to update objects of type TaskInstance** ### /Jobs/TaskResourceType/Create -Permission to create objects of type TaskResourceType +**Permission to create objects of type TaskResourceType** ### /Jobs/TaskResourceType/Delete -Permission to delete objects of type TaskResourceType +**Permission to delete objects of type TaskResourceType** ### /Jobs/TaskResourceType/Query @@ -638,15 +638,15 @@ Permission to query and read objects of type TaskResourceType ### /Jobs/TaskResourceType/Update -Permission to update objects of type TaskResourceType +**Permission to update objects of type TaskResourceType** ### /Metadata/Binding/Create -Permission to create objects of type Binding +**Permission to create objects of type Binding** ### /Metadata/Binding/Delete -Permission to delete objects of type Binding +**Permission to delete objects of type Binding** ### /Metadata/Binding/Query @@ -654,7 +654,7 @@ Permission to query and read objects of type Binding ### /Metadata/Binding/Update -Permission to update objects of type Binding +**Permission to update objects of type Binding** ### /Metadata/BindingItem/Query @@ -662,11 +662,11 @@ Permission to query and read objects of type BindingItem ### /Metadata/Dimension/Create -Permission to create objects of type Dimension +**Permission to create objects of type Dimension** ### /Metadata/Dimension/Delete -Permission to delete objects of type Dimension +**Permission to delete objects of type Dimension** ### /Metadata/Dimension/Query @@ -674,15 +674,15 @@ Permission to query and read objects of type Dimension ### /Metadata/Dimension/Update -Permission to update objects of type Dimension +**Permission to update objects of type Dimension** ### /Metadata/EntityAssociation/Create -Permission to create objects of type EntityAssociation +**Permission to create objects of type EntityAssociation** ### /Metadata/EntityAssociation/Delete -Permission to delete objects of type EntityAssociation +**Permission to delete objects of type EntityAssociation** ### /Metadata/EntityAssociation/Query @@ -690,15 +690,15 @@ Permission to query and read objects of type EntityAssociation ### /Metadata/EntityAssociation/Update -Permission to update objects of type EntityAssociation +**Permission to update objects of type EntityAssociation** ### /Metadata/EntityProperty/Create -Permission to create objects of type EntityProperty +**Permission to create objects of type EntityProperty** ### /Metadata/EntityProperty/Delete -Permission to delete objects of type EntityProperty +**Permission to delete objects of type EntityProperty** ### /Metadata/EntityProperty/Query @@ -706,15 +706,15 @@ Permission to query and read objects of type EntityProperty ### /Metadata/EntityProperty/Update -Permission to update objects of type EntityProperty +**Permission to update objects of type EntityProperty** ### /Metadata/EntityType/Create -Permission to create objects of type EntityType +**Permission to create objects of type EntityType** ### /Metadata/EntityType/Delete -Permission to delete objects of type EntityType +**Permission to delete objects of type EntityType** ### /Metadata/EntityType/Query @@ -722,7 +722,7 @@ Permission to query and read objects of type EntityType ### /Metadata/EntityType/Update -Permission to update objects of type EntityType +**Permission to update objects of type EntityType** ### /Metadata/Language/Query @@ -730,11 +730,11 @@ Permission to query and read objects of type Language ### /Metadata/Setting/Create -Permission to create objects of type Setting +**Permission to create objects of type Setting** ### /Metadata/Setting/Delete -Permission to delete objects of type Setting +**Permission to delete objects of type Setting** ### /Metadata/Setting/Query @@ -742,7 +742,7 @@ Permission to query and read objects of type Setting ### /Metadata/Setting/Update -Permission to update objects of type Setting +**Permission to update objects of type Setting** ### /Monitoring @@ -750,15 +750,15 @@ Permission to download server logs from the User Interface (from the **Monitorin ### /ProvisioningPolicy/AssignedCompositeRole/Comment -Permission to comment objects of type AssignedCompositeRole +**Permission to comment objects of type AssignedCompositeRole** ### /ProvisioningPolicy/AssignedCompositeRole/Create -Permission to create objects of type AssignedCompositeRole +**Permission to create objects of type AssignedCompositeRole** ### /ProvisioningPolicy/AssignedCompositeRole/Delete -Permission to delete objects of type AssignedCompositeRole +**Permission to delete objects of type AssignedCompositeRole** ### /ProvisioningPolicy/AssignedCompositeRole/Query @@ -766,15 +766,15 @@ Permission to query and read objects of type AssignedCompositeRole ### /ProvisioningPolicy/AssignedCompositeRole/Update -Permission to update objects of type AssignedCompositeRole +**Permission to update objects of type AssignedCompositeRole** ### /ProvisioningPolicy/AssignedResourceBinary/Create -Permission to create objects of type AssignedResourceBinary +**Permission to create objects of type AssignedResourceBinary** ### /ProvisioningPolicy/AssignedResourceBinary/Delete -Permission to delete objects of type AssignedResourceBinary +**Permission to delete objects of type AssignedResourceBinary** ### /ProvisioningPolicy/AssignedResourceBinary/Query @@ -782,15 +782,15 @@ Permission to query and read objects of type AssignedResourceBinary ### /ProvisioningPolicy/AssignedResourceBinary/Update -Permission to update objects of type AssignedResourceBinary +**Permission to update objects of type AssignedResourceBinary** ### /ProvisioningPolicy/AssignedResourceNavigation/Create -Permission to create objects of type AssignedResourceNavigation +**Permission to create objects of type AssignedResourceNavigation** ### /ProvisioningPolicy/AssignedResourceNavigation/Delete -Permission to delete objects of type AssignedResourceNavigation +**Permission to delete objects of type AssignedResourceNavigation** ### /ProvisioningPolicy/AssignedResourceNavigation/Query @@ -798,15 +798,15 @@ Permission to query and read objects of type AssignedResourceNavigation ### /ProvisioningPolicy/AssignedResourceNavigation/Update -Permission to update objects of type AssignedResourceNavigation +**Permission to update objects of type AssignedResourceNavigation** ### /ProvisioningPolicy/AssignedResourceScalar/Create -Permission to create objects of type AssignedResourceScalar +**Permission to create objects of type AssignedResourceScalar** ### /ProvisioningPolicy/AssignedResourceScalar/Delete -Permission to delete objects of type AssignedResourceScalar +**Permission to delete objects of type AssignedResourceScalar** ### /ProvisioningPolicy/AssignedResourceScalar/Query @@ -814,19 +814,19 @@ Permission to query and read objects of type AssignedResourceScalar ### /ProvisioningPolicy/AssignedResourceScalar/Update -Permission to update objects of type AssignedResourceScalar +**Permission to update objects of type AssignedResourceScalar** ### /ProvisioningPolicy/AssignedResourceType/Comment -Permission to comment objects of type AssignedResourceType +**Permission to comment objects of type AssignedResourceType** ### /ProvisioningPolicy/AssignedResourceType/Create -Permission to create objects of type AssignedResourceType +**Permission to create objects of type AssignedResourceType** ### /ProvisioningPolicy/AssignedResourceType/Delete -Permission to delete objects of type AssignedResourceType +**Permission to delete objects of type AssignedResourceType** ### /ProvisioningPolicy/AssignedResourceType/ManualProvisioningReview @@ -838,19 +838,19 @@ Permission to query and read objects of type AssignedResourceType ### /ProvisioningPolicy/AssignedResourceType/Update -Permission to update objects of type AssignedResourceType +**Permission to update objects of type AssignedResourceType** ### /ProvisioningPolicy/AssignedSingleRole/Comment -Permission to comment objects of type AssignedSingleRole +**Permission to comment objects of type AssignedSingleRole** ### /ProvisioningPolicy/AssignedSingleRole/Create -Permission to create objects of type AssignedSingleRole +**Permission to create objects of type AssignedSingleRole** ### /ProvisioningPolicy/AssignedSingleRole/Delete -Permission to delete objects of type AssignedSingleRole +**Permission to delete objects of type AssignedSingleRole** ### /ProvisioningPolicy/AssignedSingleRole/Query @@ -858,11 +858,11 @@ Permission to query and read objects of type AssignedSingleRole ### /ProvisioningPolicy/AssignedSingleRole/Update -Permission to update objects of type AssignedSingleRole +**Permission to update objects of type AssignedSingleRole** ### /ProvisioningPolicy/AutomationRule/Create -Permission to create objects of type AutomationRule +**Permission to create objects of type AutomationRule** ### /ProvisioningPolicy/AutomationRule/CreateSimulation @@ -870,7 +870,7 @@ Permission to create objects of type AutomationRule in simulation ### /ProvisioningPolicy/AutomationRule/Delete -Permission to delete objects of type AutomationRule +**Permission to delete objects of type AutomationRule** ### /ProvisioningPolicy/AutomationRule/DeleteSimulation @@ -890,7 +890,7 @@ Permission to query and read objects of type AutomationRule in simulation ### /ProvisioningPolicy/AutomationRule/Update -Permission to update objects of type AutomationRule +**Permission to update objects of type AutomationRule** ### /ProvisioningPolicy/AutomationRule/UpdateSimulation @@ -898,11 +898,11 @@ Permission to update objects of type AutomationRule in simulation ### /ProvisioningPolicy/Category/Create -Permission to create objects of type Category +**Permission to create objects of type Category** ### /ProvisioningPolicy/Category/Delete -Permission to delete objects of type Category +**Permission to delete objects of type Category** ### /ProvisioningPolicy/Category/Query @@ -910,11 +910,11 @@ Permission to query and read objects of type Category ### /ProvisioningPolicy/Category/Update -Permission to update objects of type Category +**Permission to update objects of type Category** ### /ProvisioningPolicy/CompositeRole/Create -Permission to create objects of type CompositeRole +**Permission to create objects of type CompositeRole** ### /ProvisioningPolicy/CompositeRole/CreateSimulation @@ -922,7 +922,7 @@ Permission to create objects of type CompositeRole in simulation ### /ProvisioningPolicy/CompositeRole/Delete -Permission to delete objects of type CompositeRole +**Permission to delete objects of type CompositeRole** ### /ProvisioningPolicy/CompositeRole/DeleteSimulation @@ -942,7 +942,7 @@ Permission to query and read objects of type CompositeRole in simulation ### /ProvisioningPolicy/CompositeRole/Update -Permission to update objects of type CompositeRole +**Permission to update objects of type CompositeRole** ### /ProvisioningPolicy/CompositeRole/UpdateSimulation @@ -950,7 +950,7 @@ Permission to update objects of type CompositeRole in simulation ### /ProvisioningPolicy/CompositeRoleRule/Create -Permission to create objects of type CompositeRoleRule +**Permission to create objects of type CompositeRoleRule** ### /ProvisioningPolicy/CompositeRoleRule/CreateSimulation @@ -958,7 +958,7 @@ Permission to create objects of type CompositeRoleRule in simulation ### /ProvisioningPolicy/CompositeRoleRule/Delete -Permission to delete objects of type CompositeRoleRule +**Permission to delete objects of type CompositeRoleRule** ### /ProvisioningPolicy/CompositeRoleRule/DeleteSimulation @@ -978,7 +978,7 @@ Permission to query and read objects of type CompositeRoleRule in simulation ### /ProvisioningPolicy/CompositeRoleRule/Update -Permission to update objects of type CompositeRoleRule +**Permission to update objects of type CompositeRoleRule** ### /ProvisioningPolicy/CompositeRoleRule/UpdateSimulation @@ -986,7 +986,7 @@ Permission to update objects of type CompositeRoleRule in simulation ### /ProvisioningPolicy/ContextRule/Create -Permission to create objects of type ContextRule +**Permission to create objects of type ContextRule** ### /ProvisioningPolicy/ContextRule/CreateSimulation @@ -994,7 +994,7 @@ Permission to create objects of type ContextRule in simulation ### /ProvisioningPolicy/ContextRule/Delete -Permission to delete objects of type ContextRule +**Permission to delete objects of type ContextRule** ### /ProvisioningPolicy/ContextRule/DeleteSimulation @@ -1014,7 +1014,7 @@ Permission to query and read objects of type ContextRule in simulation ### /ProvisioningPolicy/ContextRule/Update -Permission to update objects of type ContextRule +**Permission to update objects of type ContextRule** ### /ProvisioningPolicy/ContextRule/UpdateSimulation @@ -1026,11 +1026,11 @@ Permission to query and read objects of type IdentifiedRisk ### /ProvisioningPolicy/MiningRule/Create -Permission to create objects of type MiningRule +**Permission to create objects of type MiningRule** ### /ProvisioningPolicy/MiningRule/Delete -Permission to delete objects of type MiningRule +**Permission to delete objects of type MiningRule** ### /ProvisioningPolicy/MiningRule/Query @@ -1038,11 +1038,11 @@ Permission to query and read objects of type MiningRule ### /ProvisioningPolicy/MiningRule/Update -Permission to update objects of type MiningRule +**Permission to update objects of type MiningRule** ### /ProvisioningPolicy/Policy/Create -Permission to create objects of type Policy +**Permission to create objects of type Policy** ### /ProvisioningPolicy/Policy/CreateSimulation @@ -1050,7 +1050,7 @@ Permission to create objects of type Policy in simulation ### /ProvisioningPolicy/Policy/Delete -Permission to delete objects of type Policy +**Permission to delete objects of type Policy** ### /ProvisioningPolicy/Policy/DeleteSimulation @@ -1070,7 +1070,7 @@ Permission to query and read objects of type Policy in simulation ### /ProvisioningPolicy/Policy/Update -Permission to update objects of type Policy +**Permission to update objects of type Policy** ### /ProvisioningPolicy/Policy/UpdateSimulation @@ -1078,11 +1078,11 @@ Permission to update objects of type Policy in simulation ### /ProvisioningPolicy/PolicySimulation/Create -Permission to create objects of type PolicySimulation +**Permission to create objects of type PolicySimulation** ### /ProvisioningPolicy/PolicySimulation/Delete -Permission to delete objects of type PolicySimulation +**Permission to delete objects of type PolicySimulation** ### /ProvisioningPolicy/PolicySimulation/Query @@ -1090,11 +1090,11 @@ Permission to query and read objects of type PolicySimulation ### /ProvisioningPolicy/PolicySimulation/Start -Permission to start a simulation of a policy +**Permission to start a simulation of a policy** ### /ProvisioningPolicy/PolicySimulation/Update -Permission to update objects of type PolicySimulation +**Permission to update objects of type PolicySimulation** ### /ProvisioningPolicy/PredefinedFunctionQuery/Query @@ -1112,7 +1112,7 @@ Permission to compute redundant assignments and remove them. ### /ProvisioningPolicy/ResourceBinaryRule/Create -Permission to create objects of type ResourceBinaryRule +**Permission to create objects of type ResourceBinaryRule** ### /ProvisioningPolicy/ResourceBinaryRule/CreateSimulation @@ -1120,7 +1120,7 @@ Permission to create objects of type ResourceBinaryRule in simulation ### /ProvisioningPolicy/ResourceBinaryRule/Delete -Permission to delete objects of type ResourceBinaryRule +**Permission to delete objects of type ResourceBinaryRule** ### /ProvisioningPolicy/ResourceBinaryRule/DeleteSimulation @@ -1140,7 +1140,7 @@ Permission to query and read objects of type ResourceBinaryRule in simulation ### /ProvisioningPolicy/ResourceBinaryRule/Update -Permission to update objects of type ResourceBinaryRule +**Permission to update objects of type ResourceBinaryRule** ### /ProvisioningPolicy/ResourceBinaryRule/UpdateSimulation @@ -1148,7 +1148,7 @@ Permission to update objects of type ResourceBinaryRule in simulation ### /ProvisioningPolicy/ResourceClassificationRule/Create -Permission to create objects of type ResourceClassificationRule +**Permission to create objects of type ResourceClassificationRule** ### /ProvisioningPolicy/ResourceClassificationRule/CreateSimulation @@ -1156,7 +1156,7 @@ Permission to create objects of type ResourceClassificationRule in simulation ### /ProvisioningPolicy/ResourceClassificationRule/Delete -Permission to delete objects of type ResourceClassificationRule +**Permission to delete objects of type ResourceClassificationRule** ### /ProvisioningPolicy/ResourceClassificationRule/DeleteSimulation @@ -1177,7 +1177,7 @@ Permission to query and read objects of type ResourceClassificationRule in simul ### /ProvisioningPolicy/ResourceClassificationRule/Update -Permission to update objects of type ResourceClassificationRule +**Permission to update objects of type ResourceClassificationRule** ### /ProvisioningPolicy/ResourceClassificationRule/UpdateSimulation @@ -1185,7 +1185,7 @@ Permission to update objects of type ResourceClassificationRule in simulation ### /ProvisioningPolicy/ResourceCorrelationRule/Create -Permission to create objects of type ResourceCorrelationRule +**Permission to create objects of type ResourceCorrelationRule** ### /ProvisioningPolicy/ResourceCorrelationRule/CreateSimulation @@ -1193,7 +1193,7 @@ Permission to create objects of type ResourceCorrelationRule in simulation ### /ProvisioningPolicy/ResourceCorrelationRule/Delete -Permission to delete objects of type ResourceCorrelationRule +**Permission to delete objects of type ResourceCorrelationRule** ### /ProvisioningPolicy/ResourceCorrelationRule/DeleteSimulation @@ -1213,7 +1213,7 @@ Permission to query and read objects of type ResourceCorrelationRule in simulati ### /ProvisioningPolicy/ResourceCorrelationRule/Update -Permission to update objects of type ResourceCorrelationRule +**Permission to update objects of type ResourceCorrelationRule** ### /ProvisioningPolicy/ResourceCorrelationRule/UpdateSimulation @@ -1229,7 +1229,7 @@ Permission to query and read objects of type ResourceManageableAccounts ### /ProvisioningPolicy/ResourceNavigationRule/Create -Permission to create objects of type ResourceNavigationRule +**Permission to create objects of type ResourceNavigationRule** ### /ProvisioningPolicy/ResourceNavigationRule/CreateSimulation @@ -1237,7 +1237,7 @@ Permission to create objects of type ResourceNavigationRule in simulation ### /ProvisioningPolicy/ResourceNavigationRule/Delete -Permission to delete objects of type ResourceNavigationRule +**Permission to delete objects of type ResourceNavigationRule** ### /ProvisioningPolicy/ResourceNavigationRule/DeleteSimulation @@ -1257,7 +1257,7 @@ Permission to query and read objects of type ResourceNavigationRule in simulatio ### /ProvisioningPolicy/ResourceNavigationRule/Update -Permission to update objects of type ResourceNavigationRule +**Permission to update objects of type ResourceNavigationRule** ### /ProvisioningPolicy/ResourceNavigationRule/UpdateSimulation @@ -1265,7 +1265,7 @@ Permission to update objects of type ResourceNavigationRule in simulation ### /ProvisioningPolicy/ResourceQueryRule/Create -Permission to create objects of type ResourceQueryRule +**Permission to create objects of type ResourceQueryRule** ### /ProvisioningPolicy/ResourceQueryRule/CreateSimulation @@ -1273,7 +1273,7 @@ Permission to create objects of type ResourceQueryRule in simulation ### /ProvisioningPolicy/ResourceQueryRule/Delete -Permission to delete objects of type ResourceQueryRule +**Permission to delete objects of type ResourceQueryRule** ### /ProvisioningPolicy/ResourceQueryRule/DeleteSimulation @@ -1293,7 +1293,7 @@ Permission to query and read objects of type ResourceQueryRule in simulation ### /ProvisioningPolicy/ResourceQueryRule/Update -Permission to update objects of type ResourceQueryRule +**Permission to update objects of type ResourceQueryRule** ### /ProvisioningPolicy/ResourceQueryRule/UpdateSimulation @@ -1301,7 +1301,7 @@ Permission to update objects of type ResourceQueryRule in simulation ### /ProvisioningPolicy/ResourceScalarRule/Create -Permission to create objects of type ResourceScalarRule +**Permission to create objects of type ResourceScalarRule** ### /ProvisioningPolicy/ResourceScalarRule/CreateSimulation @@ -1309,7 +1309,7 @@ Permission to create objects of type ResourceScalarRule in simulation ### /ProvisioningPolicy/ResourceScalarRule/Delete -Permission to delete objects of type ResourceScalarRule +**Permission to delete objects of type ResourceScalarRule** ### /ProvisioningPolicy/ResourceScalarRule/DeleteSimulation @@ -1329,7 +1329,7 @@ Permission to query and read objects of type ResourceScalarRule in simulation ### /ProvisioningPolicy/ResourceScalarRule/Update -Permission to update objects of type ResourceScalarRule +**Permission to update objects of type ResourceScalarRule** ### /ProvisioningPolicy/ResourceScalarRule/UpdateSimulation @@ -1337,7 +1337,7 @@ Permission to update objects of type ResourceScalarRule in simulation ### /ProvisioningPolicy/ResourceType/Create -Permission to create objects of type ResourceType +**Permission to create objects of type ResourceType** ### /ProvisioningPolicy/ResourceType/CreateSimulation @@ -1345,7 +1345,7 @@ Permission to create objects of type ResourceType in simulation ### /ProvisioningPolicy/ResourceType/Delete -Permission to delete objects of type ResourceType +**Permission to delete objects of type ResourceType** ### /ProvisioningPolicy/ResourceType/DeleteSimulation @@ -1365,7 +1365,7 @@ Permission to query and read objects of type ResourceType in simulation ### /ProvisioningPolicy/ResourceType/Update -Permission to update objects of type ResourceType +**Permission to update objects of type ResourceType** ### /ProvisioningPolicy/ResourceType/UpdateSimulation @@ -1373,7 +1373,7 @@ Permission to update objects of type ResourceType in simulation ### /ProvisioningPolicy/ResourceTypeRule/Create -Permission to create objects of type ResourceTypeRule +**Permission to create objects of type ResourceTypeRule** ### /ProvisioningPolicy/ResourceTypeRule/CreateSimulation @@ -1381,7 +1381,7 @@ Permission to create objects of type ResourceTypeRule in simulation ### /ProvisioningPolicy/ResourceTypeRule/Delete -Permission to delete objects of type ResourceTypeRule +**Permission to delete objects of type ResourceTypeRule** ### /ProvisioningPolicy/ResourceTypeRule/DeleteSimulation @@ -1401,7 +1401,7 @@ Permission to query and read objects of type ResourceTypeRule in simulation ### /ProvisioningPolicy/ResourceTypeRule/Update -Permission to update objects of type ResourceTypeRule +**Permission to update objects of type ResourceTypeRule** ### /ProvisioningPolicy/ResourceTypeRule/UpdateSimulation @@ -1409,11 +1409,11 @@ Permission to update objects of type ResourceTypeRule in simulation ### /ProvisioningPolicy/Risk/Create -Permission to create objects of type Risk +**Permission to create objects of type Risk** ### /ProvisioningPolicy/Risk/Delete -Permission to delete objects of type Risk +**Permission to delete objects of type Risk** ### /ProvisioningPolicy/Risk/OverrideApproval @@ -1429,15 +1429,15 @@ Permission to query and read objects of type Risk ### /ProvisioningPolicy/Risk/Update -Permission to update objects of type Risk +**Permission to update objects of type Risk** ### /ProvisioningPolicy/RoleMapping/Create -Permission to create objects of type RoleMapping +**Permission to create objects of type RoleMapping** ### /ProvisioningPolicy/RoleMapping/Delete -Permission to delete objects of type RoleMapping +**Permission to delete objects of type RoleMapping** ### /ProvisioningPolicy/RoleMapping/Query @@ -1445,11 +1445,11 @@ Permission to query and read objects of type RoleMapping ### /ProvisioningPolicy/RoleMapping/Update -Permission to update objects of type RoleMapping +**Permission to update objects of type RoleMapping** ### /ProvisioningPolicy/SingleRole/Create -Permission to create objects of type SingleRole +**Permission to create objects of type SingleRole** ### /ProvisioningPolicy/SingleRole/CreateSimulation @@ -1457,7 +1457,7 @@ Permission to create objects of type SingleRole in simulation ### /ProvisioningPolicy/SingleRole/Delete -Permission to delete objects of type SingleRole +**Permission to delete objects of type SingleRole** ### /ProvisioningPolicy/SingleRole/DeleteSimulation @@ -1477,7 +1477,7 @@ Permission to query and read objects of type SingleRole in simulation ### /ProvisioningPolicy/SingleRole/Update -Permission to update objects of type SingleRole +**Permission to update objects of type SingleRole** ### /ProvisioningPolicy/SingleRole/UpdateSimulation @@ -1485,7 +1485,7 @@ Permission to update objects of type SingleRole in simulation ### /ProvisioningPolicy/SingleRoleRule/Create -Permission to create objects of type SingleRoleRule +**Permission to create objects of type SingleRoleRule** ### /ProvisioningPolicy/SingleRoleRule/CreateSimulation @@ -1493,7 +1493,7 @@ Permission to create objects of type SingleRoleRule in simulation ### /ProvisioningPolicy/SingleRoleRule/Delete -Permission to delete objects of type SingleRoleRule +**Permission to delete objects of type SingleRoleRule** ### /ProvisioningPolicy/SingleRoleRule/DeleteSimulation @@ -1513,7 +1513,7 @@ Permission to query and read objects of type SingleRoleRule in simulation ### /ProvisioningPolicy/SingleRoleRule/Update -Permission to update objects of type SingleRoleRule +**Permission to update objects of type SingleRoleRule** ### /ProvisioningPolicy/SingleRoleRule/UpdateSimulation @@ -1529,11 +1529,11 @@ Permission to query and read objects of type GenerateReportFileFromReportQuery ### /Report/ReportQuery/Create -Permission to create objects of type ReportQuery +**Permission to create objects of type ReportQuery** ### /Report/ReportQuery/Delete -Permission to delete objects of type ReportQuery +**Permission to delete objects of type ReportQuery** ### /Report/ReportQuery/Query @@ -1541,7 +1541,7 @@ Permission to query and read objects of type ReportQuery ### /Report/ReportQuery/Update -Permission to update objects of type ReportQuery +**Permission to update objects of type ReportQuery** ### /Resources/Incremental/Query @@ -1549,11 +1549,11 @@ Permission to query and read objects of type Resource and Resource Link incremen ### /Resources/Resource/Create -Permission to create objects of type Resource +**Permission to create objects of type Resource** ### /Resources/Resource/Delete -Permission to delete objects of type Resource +**Permission to delete objects of type Resource** ### /Resources/Resource/Query @@ -1561,7 +1561,7 @@ Permission to query and read objects of type Resource ### /Resources/Resource/Update -Permission to update objects of type Resource +**Permission to update objects of type Resource** ### /Settings/Manage @@ -1587,23 +1587,23 @@ Permission to query and read objects of type ApplicationInformationsQuery ### /UserInterface/ConnectorResourceType/Create -Permission to create objects of type ConnectorResourceType +**Permission to create objects of type ConnectorResourceType** ### /UserInterface/ConnectorResourceType/Delete -Permission to delete objects of type ConnectorResourceType +**Permission to delete objects of type ConnectorResourceType** ### /UserInterface/ConnectorResourceType/Update -Permission to update objects of type ConnectorResourceType +**Permission to update objects of type ConnectorResourceType** ### /UserInterface/DisplayEntityAssociation/Create -Permission to create objects of type DisplayEntityAssociation +**Permission to create objects of type DisplayEntityAssociation** ### /UserInterface/DisplayEntityAssociation/Delete -Permission to delete objects of type DisplayEntityAssociation +**Permission to delete objects of type DisplayEntityAssociation** ### /UserInterface/DisplayEntityAssociation/Query @@ -1611,15 +1611,15 @@ Permission to query and read objects of type DisplayEntityAssociation ### /UserInterface/DisplayEntityAssociation/Update -Permission to update objects of type DisplayEntityAssociation +**Permission to update objects of type DisplayEntityAssociation** ### /UserInterface/DisplayEntityProperty/Create -Permission to create objects of type DisplayEntityProperty +**Permission to create objects of type DisplayEntityProperty** ### /UserInterface/DisplayEntityProperty/Delete -Permission to delete objects of type DisplayEntityProperty +**Permission to delete objects of type DisplayEntityProperty** ### /UserInterface/DisplayEntityProperty/Query @@ -1627,15 +1627,15 @@ Permission to query and read objects of type DisplayEntityProperty ### /UserInterface/DisplayEntityProperty/Update -Permission to update objects of type DisplayEntityProperty +**Permission to update objects of type DisplayEntityProperty** ### /UserInterface/DisplayEntityType/Create -Permission to create objects of type DisplayEntityType +**Permission to create objects of type DisplayEntityType** ### /UserInterface/DisplayEntityType/Delete -Permission to delete objects of type DisplayEntityType +**Permission to delete objects of type DisplayEntityType** ### /UserInterface/DisplayEntityType/Query @@ -1643,15 +1643,15 @@ Permission to query and read objects of type DisplayEntityType ### /UserInterface/DisplayEntityType/Update -Permission to update objects of type DisplayEntityType +**Permission to update objects of type DisplayEntityType** ### /UserInterface/DisplayPropertyGroup/Create -Permission to create objects of type DisplayPropertyGroup +**Permission to create objects of type DisplayPropertyGroup** ### /UserInterface/DisplayPropertyGroup/Delete -Permission to delete objects of type DisplayPropertyGroup +**Permission to delete objects of type DisplayPropertyGroup** ### /UserInterface/DisplayPropertyGroup/Query @@ -1659,15 +1659,15 @@ Permission to query and read objects of type DisplayPropertyGroup ### /UserInterface/DisplayPropertyGroup/Update -Permission to update objects of type DisplayPropertyGroup +**Permission to update objects of type DisplayPropertyGroup** ### /UserInterface/DisplayTable/Create -Permission to create objects of type DisplayTable +**Permission to create objects of type DisplayTable** ### /UserInterface/DisplayTable/Delete -Permission to delete objects of type DisplayTable +**Permission to delete objects of type DisplayTable** ### /UserInterface/DisplayTable/Query @@ -1675,15 +1675,15 @@ Permission to query and read objects of type DisplayTable ### /UserInterface/DisplayTable/Update -Permission to update objects of type DisplayTable +**Permission to update objects of type DisplayTable** ### /UserInterface/DisplayTableColumn/Create -Permission to create objects of type DisplayTableColumn +**Permission to create objects of type DisplayTableColumn** ### /UserInterface/DisplayTableColumn/Delete -Permission to delete objects of type DisplayTableColumn +**Permission to delete objects of type DisplayTableColumn** ### /UserInterface/DisplayTableColumn/Query @@ -1691,7 +1691,7 @@ Permission to query and read objects of type DisplayTableColumn ### /UserInterface/DisplayTableColumn/Update -Permission to update objects of type DisplayTableColumn +**Permission to update objects of type DisplayTableColumn** ### /UserInterface/DisplayTableDesignElement/Query @@ -1703,11 +1703,11 @@ Permission to query and read objects of type EntityTypeMappingByUiContextQuery ### /UserInterface/Form/Create -Permission to create objects of type Form +**Permission to create objects of type Form** ### /UserInterface/Form/Delete -Permission to delete objects of type Form +**Permission to delete objects of type Form** ### /UserInterface/Form/Query @@ -1715,15 +1715,15 @@ Permission to query and read objects of type Form ### /UserInterface/Form/Update -Permission to update objects of type Form +**Permission to update objects of type Form** ### /UserInterface/FormControl/Create -Permission to create objects of type FormControl +**Permission to create objects of type FormControl** ### /UserInterface/FormControl/Delete -Permission to delete objects of type FormControl +**Permission to delete objects of type FormControl** ### /UserInterface/FormControl/Query @@ -1731,7 +1731,7 @@ Permission to query and read objects of type FormControl ### /UserInterface/FormControl/Update -Permission to update objects of type FormControl +**Permission to update objects of type FormControl** ### /UserInterface/HierarchyDataByEntityTypeIdQuery/Query @@ -1739,11 +1739,11 @@ Permission to query and read objects of type HierarchyDataByEntityTypeIdQuery ### /UserInterface/Indicator/Create -Permission to create objects of type Indicator +**Permission to create objects of type Indicator** ### /UserInterface/Indicator/Delete -Permission to delete objects of type Indicator +**Permission to delete objects of type Indicator** ### /UserInterface/Indicator/Query @@ -1751,15 +1751,15 @@ Permission to query and read objects of type Indicator ### /UserInterface/Indicator/Update -Permission to update objects of type Indicator +**Permission to update objects of type Indicator** ### /UserInterface/IndicatorItem/Create -Permission to create objects of type IndicatorItem +**Permission to create objects of type IndicatorItem** ### /UserInterface/IndicatorItem/Delete -Permission to delete objects of type IndicatorItem +**Permission to delete objects of type IndicatorItem** ### /UserInterface/IndicatorItem/Query @@ -1767,7 +1767,7 @@ Permission to query and read objects of type IndicatorItem ### /UserInterface/IndicatorItem/Update -Permission to update objects of type IndicatorItem +**Permission to update objects of type IndicatorItem** ### /UserInterface/PersonasByFilterQuery/Query @@ -1796,11 +1796,11 @@ Permission to query and read objects of type ResourceSelfForm ### /UserInterface/SearchBar/Create -Permission to create objects of type SearchBar +**Permission to create objects of type SearchBar** ### /UserInterface/SearchBar/Delete -Permission to delete objects of type SearchBar +**Permission to delete objects of type SearchBar** ### /UserInterface/SearchBar/Query @@ -1808,15 +1808,15 @@ Permission to query and read objects of type SearchBar ### /UserInterface/SearchBar/Update -Permission to update objects of type SearchBar +**Permission to update objects of type SearchBar** ### /UserInterface/SearchBarCriterion/Create -Permission to create objects of type SearchBarCriterion +**Permission to create objects of type SearchBarCriterion** ### /UserInterface/SearchBarCriterion/Delete -Permission to delete objects of type SearchBarCriterion +**Permission to delete objects of type SearchBarCriterion** ### /UserInterface/SearchBarCriterion/Query @@ -1824,15 +1824,15 @@ Permission to query and read objects of type SearchBarCriterion ### /UserInterface/SearchBarCriterion/Update -Permission to update objects of type SearchBarCriterion +**Permission to update objects of type SearchBarCriterion** ### /UserInterface/Tile/Create -Permission to create objects of type Tile +**Permission to create objects of type Tile** ### /UserInterface/Tile/Delete -Permission to delete objects of type Tile +**Permission to delete objects of type Tile** ### /UserInterface/Tile/Query @@ -1840,7 +1840,7 @@ Permission to query and read objects of type Tile ### /UserInterface/Tile/Update -Permission to update objects of type Tile +**Permission to update objects of type Tile** ### /UserInterface/TileDesignElement/Query @@ -1848,11 +1848,11 @@ Permission to query and read objects of type TileDesignElement ### /UserInterface/TileItem/Create -Permission to create objects of type TileItem +**Permission to create objects of type TileItem** ### /UserInterface/TileItem/Delete -Permission to delete objects of type TileItem +**Permission to delete objects of type TileItem** ### /UserInterface/TileItem/Query @@ -1860,7 +1860,7 @@ Permission to query and read objects of type TileItem ### /UserInterface/TileItem/Update -Permission to update objects of type TileItem +**Permission to update objects of type TileItem** ### /UserInterface/UserByIdentityQuery/Query @@ -1876,11 +1876,11 @@ Permission to query and read objects of type WorkflowFormByWorkflowIdQuery ### /Workflows/Activity/Create -Permission to create objects of type Activity +**Permission to create objects of type Activity** ### /Workflows/Activity/Delete -Permission to delete objects of type Activity +**Permission to delete objects of type Activity** ### /Workflows/Activity/Query @@ -1888,7 +1888,7 @@ Permission to query and read objects of type Activity ### /Workflows/Activity/Update -Permission to update objects of type Activity +**Permission to update objects of type Activity** ### /Workflows/ActivityInstance/Query @@ -1916,11 +1916,11 @@ Permission to query and read objects of type HistorizedResourceFileByWorkflowIns ### /Workflows/HomonymEntityLink/Create -Permission to create objects of type HomonymEntityLink +**Permission to create objects of type HomonymEntityLink** ### /Workflows/HomonymEntityLink/Delete -Permission to delete objects of type HomonymEntityLink +**Permission to delete objects of type HomonymEntityLink** ### /Workflows/HomonymEntityLink/Query @@ -1928,7 +1928,7 @@ Permission to query and read objects of type HomonymEntityLink ### /Workflows/HomonymEntityLink/Update -Permission to update objects of type HomonymEntityLink +**Permission to update objects of type HomonymEntityLink** ### /Workflows/UserActivityInstance/AssignedTo @@ -1948,11 +1948,11 @@ Permission to query and read objects of type UserActivityInstanceCountQuery ### /Workflows/Workflow/Create -Permission to create objects of type Workflow +**Permission to create objects of type Workflow** ### /Workflows/Workflow/Delete -Permission to delete objects of type Workflow +**Permission to delete objects of type Workflow** ### /Workflows/Workflow/Query @@ -1960,7 +1960,7 @@ Permission to query and read objects of type Workflow ### /Workflows/Workflow/Update -Permission to update objects of type Workflow +**Permission to update objects of type Workflow** ### /Workflows/WorkflowInstance/Query @@ -1972,7 +1972,7 @@ Permission to query and read objects of type WorkflowInstance ### /Workflows/WorkflowInstance/Supervise -Permission to supervise objects of type WorkflowInstance +**Permission to supervise objects of type WorkflowInstance** ### /Workflows/WorkflowInstanceData/Query diff --git a/docs/identitymanager/6.1/integration-guide/provisioning/how-tos/argumentsexpression/index.md b/docs/identitymanager/6.1/integration-guide/provisioning/how-tos/argumentsexpression/index.md index 0d108bc84a..7ce7390914 100644 --- a/docs/identitymanager/6.1/integration-guide/provisioning/how-tos/argumentsexpression/index.md +++ b/docs/identitymanager/6.1/integration-guide/provisioning/how-tos/argumentsexpression/index.md @@ -79,7 +79,7 @@ if (provisioningOrder.TryGetScalar("EmployeeId", out var employeeId) && (employe } } -return arguments;" /> +**return arguments;" />** ``` diff --git a/docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/index.md b/docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/index.md index e4b6e5e5ce..15007c18d9 100644 --- a/docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/index.md +++ b/docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/index.md @@ -18,7 +18,7 @@ The algorithm is applied by the server to a resource. It has the following respo - Purging expired assignments See the -[ Risk Management ](/docs/identitymanager/6.1/integration-guide/governance/risks/index.md) +[Risk Management](/docs/identitymanager/6.1/integration-guide/governance/risks/index.md) topic for additional information. ## Overview @@ -47,9 +47,9 @@ connectors to fulfill and fix the differences. Evaluate Policy is executed by the task `Usercube-Compute-RoleModel`, usually included in a regularly scheduled provisioning job. -See the [ Connectors ](/docs/identitymanager/6.1/integration-guide/connectors/index.md), -[ ComputeRoleModelTask ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), -and [ Jobs ](/docs/identitymanager/6.1/integration-guide/tasks-jobs/jobs/index.md) +See the [Connectors](/docs/identitymanager/6.1/integration-guide/connectors/index.md), +[ComputeRoleModelTask](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), +and [Jobs](/docs/identitymanager/6.1/integration-guide/tasks-jobs/jobs/index.md) topics for additional information. ## The Algorithm Steps @@ -83,19 +83,22 @@ To improve execution time, two optimizations are used: - Usercube only selects resources for which a new assignment computation is needed. They are resources updated during the last incremental synchronization, and resources that depend on them. They are identified by the dirty flag, set during incremental synchronization. See the - [ Upward Data Synchronization ](/docs/identitymanager/6.1/integration-guide/synchronization/upward-data-sync/index.md) + [Upward Data Synchronization](/docs/identitymanager/6.1/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. -**NOTE:** For very few edge cases, dependencies between resource values can be difficult to identify +:::note +For very few edge cases, dependencies between resource values can be difficult to identify within Usercube. An example involves entity property expressions using [LINQ](https://docs.microsoft.com/en-us/dotnet/csharp/programming-guide/concepts/linq/) syntax. See the -[ EntityType ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)topic +[EntityType](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)topic for additional information. A second- or third-order binding used in such an expression actually defines a dependency. But Usercube does not account for it, because of performance-reliability trade-offs. That means a resource `R1`, using such an expression to compute one of its properties values from another resource `R2` property value, might not be updated even if `R2` has been updated by incremental synchronization. This too can be fixed by using complete synchronization once a day. +::: + **Step 2 –** **Compute expected assignments** @@ -116,8 +119,8 @@ The list contains: To build the list, the algorithm first goes through composite role rules, single role rules, resource type rules, navigation rules, and applies them in that order. See the -[ CompositeRoleRule ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md), -[ SingleRoleRule ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md), +[CompositeRoleRule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md), +[SingleRoleRule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md), and [Resource Type](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topics for additional information. This takes care of automatic assignments. Every step influences @@ -137,10 +140,10 @@ with the assignment rules, and are displayed in the Resource Reconciliation scre Let's detail the rule enforcement mechanisms. -Match context rules +**Match context rules** Dimensions are really the basis of an assignment process. See the -[ Entitlement Management ](/docs/identitymanager/6.1/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.1/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Before starting, a context rule is applied, giving for the input resource: @@ -150,10 +153,10 @@ Before starting, a context rule is applied, giving for the input resource: ![Computing Context For Input Resource](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/enforce-context.webp) -Computing expected role assignments +**Computing expected role assignments** Role assignments, on the other hand, are the outcome of the assignment process. See the -[ Entitlement Management ](/docs/identitymanager/6.1/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.1/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Role assignments are the output of composite role rules and single role rules enforcement. The @@ -163,10 +166,10 @@ resource-identity. ![Computing Expected Role Assignments](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/compute-expected-1.webp) -Enforcing composite role rules +**Enforcing composite role rules** The first rules that are enforced are the composite role rules. See the -[ CompositeRoleRule ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md)topic +[CompositeRoleRule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md)topic for additional information. For every selected resource, this step enforces composite role rules. That means assigning a @@ -181,12 +184,15 @@ Then automation rules are enforced on assigned composite roles. See the [Automation Rule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md) topic for additional information. -**NOTE:** Enforcing automation rules on an assignment means to find, for each assignment, the +:::note +Enforcing automation rules on an assignment means to find, for each assignment, the matching automation rule, looking at the last review or the creation date, comparing it to the time defined in the rule and, if needed, apply the rule decision that may approve or decline the assignment. +::: + -Enforcing single role rules +**Enforcing single role rules** Then, single role rules are enforced. That means assigning a specific single role to the input resource based on its context and existing assigned composite roles, i.e. the composite roles @@ -202,10 +208,10 @@ expected assignments list. Then automation rules are enforced on assigned single roles. -Expected provisioning assignments +**Expected provisioning assignments** Fulfillment is just the consequence of the role assignment process. See the -[ Entitlement Management ](/docs/identitymanager/6.1/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.1/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Provisioning-orders-to-be are the output of resource type rules, navigation rules and scalar rules. @@ -219,7 +225,7 @@ topic for additional information. ![Computing Expected Provisioning Assignments](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/compute-expected-2.webp) -Enforcing resource type rules +**Enforcing resource type rules** Resource type rules are enforced. This means creating and adding assigned resource types to the expected assignments list. This means enforcing the need for a resource of that type to be created @@ -235,7 +241,7 @@ act of assigning a resource to an owner almost always is the consequence of a ro cases for which a single, isolated resource, is "assigned" (i.e. created with specific values) is rare and is more of a solution to a specific technical problem. -Enforcing navigation rules +**Enforcing navigation rules** Finally, navigation rules are enforced. They aim to complete the information about the resource to be created because of the assigned resource types. If the type rule is the what, this is the how. @@ -254,7 +260,7 @@ provisioning-order-to-be, of assigning a role to a resource. This means also no assigned resource type, no navigation assignment. Resource type rules are a prerequisite for the associated navigation rules to be enforced. -Enforcing scalar rules +**Enforcing scalar rules** Finally, the scalar rules associated with the target's resource type are enforced and become assigned resource scalars that will also result in a provisioning order. @@ -368,7 +374,7 @@ non conforming values in the managed systems that need to be fixed. That list will eventually become provisioning orders that will be sent to the agent for fulfillment. -What constitutes a difference? +**What constitutes a difference?** Expected resource and their values not matching the existing resource and their value, for an existing assignment with an `Applied` or `Executed` provisioning state. @@ -457,8 +463,11 @@ Differences are displayed in the following screens: - **Redundant Assignments** displays `Approved` assigned roles and assigned resource types tagged as eligible to be turned into `Calculated`. -_Remember,_ **Role Review** is a little bit different as it displays manually requested assignments +:::tip +Remember, **Role Review** is a little bit different as it displays manually requested assignments waiting for manual approval. +::: + ### A target value to update diff --git a/docs/identitymanager/6.1/integration-guide/role-assignment/how-tos/infer-single-roles/index.md b/docs/identitymanager/6.1/integration-guide/role-assignment/how-tos/infer-single-roles/index.md index bce9f4eef8..4820ff3368 100644 --- a/docs/identitymanager/6.1/integration-guide/role-assignment/how-tos/infer-single-roles/index.md +++ b/docs/identitymanager/6.1/integration-guide/role-assignment/how-tos/infer-single-roles/index.md @@ -34,7 +34,7 @@ A CompositeRole is created in the same way as a SingleRole. ``` - +**** ``` @@ -47,7 +47,7 @@ The CompositeRoleRule can be limited with the use of dimensions. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/role-assignment/how-tos/restrict-assignment/index.md b/docs/identitymanager/6.1/integration-guide/role-assignment/how-tos/restrict-assignment/index.md index c3fbd074c4..dce0ebc8d2 100644 --- a/docs/identitymanager/6.1/integration-guide/role-assignment/how-tos/restrict-assignment/index.md +++ b/docs/identitymanager/6.1/integration-guide/role-assignment/how-tos/restrict-assignment/index.md @@ -48,7 +48,7 @@ case. ``` - +**** ``` @@ -56,7 +56,7 @@ D1 represents the dimension whose ColumnMapping="1". ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/synchronization/upward-data-sync/index.md b/docs/identitymanager/6.1/integration-guide/synchronization/upward-data-sync/index.md index 45e8867977..35a2afe761 100644 --- a/docs/identitymanager/6.1/integration-guide/synchronization/upward-data-sync/index.md +++ b/docs/identitymanager/6.1/integration-guide/synchronization/upward-data-sync/index.md @@ -408,7 +408,7 @@ Thresholds are ignored in _initial_ mode. The task's argument ```-force``` can be used to ignore thresholds. ---- +**---** Next, a word about the assignment policy. ```` diff --git a/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/fulfillldap/index.md b/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/fulfillldap/index.md index b8249706e0..dcab87ba1d 100644 --- a/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/fulfillldap/index.md +++ b/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/fulfillldap/index.md @@ -39,12 +39,10 @@ appsettings.agent.json "Connections": { ... "ADFulfillment": { - "Servers": [ - { + "Servers": [{ "Server": "paris.contoso.com", "BaseDN": "DC=paris,DC=com" - } - ], + }], "AuthType": "Basic", "Login": "CN=exampleCn,DC=exampleDc1,DC=exampleDc2", "Password": "Password", diff --git a/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/jobdaily/index.md b/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/jobdaily/index.md index fbda0239ba..0afe8c8456 100644 --- a/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/jobdaily/index.md +++ b/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/jobdaily/index.md @@ -24,7 +24,7 @@ In the following example the Synchronization job for the Connector "AD" will be ``` - +**** ``` @@ -117,7 +117,7 @@ Example : ``` - +** ** ``` diff --git a/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/jobfast/index.md b/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/jobfast/index.md index 008e2e9ba1..e1003ddbf6 100644 --- a/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/jobfast/index.md +++ b/docs/identitymanager/6.1/integration-guide/tasks-jobs/how-tos/jobfast/index.md @@ -23,7 +23,7 @@ In the following example the Synchronization job for the Connector "AD" will be ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md index bca60556d7..930830b2d4 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md @@ -267,7 +267,7 @@ attribute, only `SourceExpression`. Literal expressions are not available for ru ``` - +**** diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/expressions/predefined-functions/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/expressions/predefined-functions/index.md index 8ac84610e2..a73f6a637e 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/expressions/predefined-functions/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/expressions/predefined-functions/index.md @@ -8,14 +8,14 @@ sidebar_position: 20 Usercube provides a set of predefined functions that simplify the configuration of entity property expressions and scalar rules. See the -[ EntityType ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +[EntityType](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and [Resource Type](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topics for additional information. Unlike C# expressions, Usercube's predefined functions do not need any prefix. They can be used as such. See the -[ C# utility functions ](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/csharp-utility-functions/index.md) +[C# utility functions](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/csharp-utility-functions/index.md) topic for additional information. ### Examples diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/recommendations/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/recommendations/index.md index 77176b9405..7d702f3181 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/recommendations/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/recommendations/index.md @@ -44,12 +44,10 @@ Configure auto-completion by proceeding as follows: ``` "settings": { - "xml.fileAssociations": [ - { + "xml.fileAssociations": [{ "systemId": "file:///C:/identitymanagerDemo/identitymanager-configuration.xsd", "pattern": "**/*.xml" - } - ] + }] } ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md index a31697d7f6..2c5809b314 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md @@ -36,9 +36,12 @@ script in the command line. AccessControlEntry grants or denies a permission to a user. Access Control Entries are part of an Access Control Rule that defines the users scope of responsibility in the Usercube UI/Workflows. -**NOTE:** If your configuration contains an access control entry with `Permission="/"` and +:::note +If your configuration contains an access control entry with `Permission="/"` and `CanExecute="true"` then an error will occur during the configuration deployment, as a profile should not possess such a big permission. +::: + ### Properties @@ -59,8 +62,11 @@ An access control filter restricts the application of the access control rule to the data set. The rule will give the specified permissions to the profile only on the parts of the rule's data set for which the filter's condition is met. -_Remember,_ the ViewHistory permission (/Custom/Resources/Entity_Type/ViewHistory) does not work if +:::tip +Remember, the ViewHistory permission (/Custom/Resources/Entity_Type/ViewHistory) does not work if a filter is added. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -80,7 +86,7 @@ This condition is actually a comparison expression between two elements: ### Examples -Filter on a constant value +**Filter on a constant value** The following example gives to the `Administrator` profile certain permissions on user data, but only concerning users working in the marketing department. @@ -100,7 +106,7 @@ script in the command line. Technically speaking, the filter here says that the rule's permissions apply only on users from `Directory_User` whose `Code` of `MainOrganization` is `Marketing`. -Filter on the account of the current user +**Filter on the account of the current user** The following example gives to the `Manager` profile certain permissions on user data, but only concerning users from the team managed by the current user. @@ -169,7 +175,7 @@ Technically speaking, the filter here says that the rule's permissions apply onl single roles whose `Id` of the `Category` of the `SingleRole` is the same identifier as the value set for the `Category` property of the current user, in at least one of their assigned profiles. -Multiple filters +**Multiple filters** The following example gives to the `RoleOfficerByCategory` profile the permission to review the roles of users from `Directory_User`, but only the roles of a category assigned to the current user, @@ -202,11 +208,11 @@ single roles: | ---------------------------------- | --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Binding required | Int64 | Binding of the property whose value is to be checked to restrict the application of the rule's permissions. **NOTE:** The binding must be based on the entity type defined in the access control rule. | | Category default value: false | Boolean | True to compare the value specified by the binding to the categories of the current user's assigned profiles. | -| CompositeRole default value: false | Boolean | True to compare the value specified by the binding to the composite roles of the current user's assigned profiles. See the [ AssignedProfile ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | +| CompositeRole default value: false | Boolean | True to compare the value specified by the binding to the composite roles of the current user's assigned profiles. See the [AssignedProfile](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | | CurrentUser default value: false | Boolean | True to compare the value specified by the binding to the identifier of the account used by the current user to authenticate to Usercube. **NOTE:** The current user is the owner of the profile, allowed by the access control rule to perform an action and/or receive a notification. `CurrentUser` is tightly linked to the configuration of the `SelectUserByIdentityQueryHandlerSetting`. | -| Dimension optional | Int64 | Identifier of the dimension whose value(s), from the user's assigned profiles, are to be compared to the value specified by the binding. See [ Dimension ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and [ AssignedProfile ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topics for additional information. | +| Dimension optional | Int64 | Identifier of the dimension whose value(s), from the user's assigned profiles, are to be compared to the value specified by the binding. See [Dimension](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and [AssignedProfile](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topics for additional information. | | Group optional | String | Group that the filter is part of. The access control rule filters the permissions by using the union (OR) of all filter groups, and the intersection (AND) of all filters within a group. **NOTE:** When not specified, the filter is part of the default group. | | Operator default value: 0 | AccessControlFilterOperator | Comparison operator. 0 - Equals. 1 - NotEquals. | -| ResourceType default value: false | Boolean | True to compare the value specified by the binding to the resource types of the current user's assigned profiles. See the [ AssignedProfile ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | -| SingleRole default value: false | Boolean | True to compare the value specified by the binding to the single roles of the current user's assigned profiles. See the [ AssignedProfile ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | +| ResourceType default value: false | Boolean | True to compare the value specified by the binding to the resource types of the current user's assigned profiles. See the [AssignedProfile](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | +| SingleRole default value: false | Boolean | True to compare the value specified by the binding to the single roles of the current user's assigned profiles. See the [AssignedProfile](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | | Value optional | String | Hard coded value to be compared to the value specified by the binding. | diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md index 26401f5e0b..8f323864de 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md @@ -28,7 +28,7 @@ The following code declares a clientId with the Administrator profile. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profile/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profile/index.md index 61e92aeb2c..480e0ccbcd 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profile/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profile/index.md @@ -13,7 +13,7 @@ Rule and Profile Rule to describe who can do what. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md index b0951c2762..309950c9db 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md @@ -19,7 +19,7 @@ lower or equal to -2. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md index 9bbf621486..a41aab1a95 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md @@ -44,8 +44,8 @@ script in the command line. | Property | Type | Description | | ----------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| B0 optional | Int64 | Represents the first dimension binding definition. The 127 other dimension bindings can be referred to by 127 more parameters from B1 to B3V following the base32hex convention. See the [ Base32 Parameter Names ](/docs/identitymanager/6.1/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | +| B0 optional | Int64 | Represents the first dimension binding definition. The 127 other dimension bindings can be referred to by 127 more parameters from B1 to B3V following the base32hex convention. See the [Base32 Parameter Names](/docs/identitymanager/6.1/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | | IsDenied default value: false | Boolean | Profile denied to the user when matched. | | Profile required | Int64 | Identifier of the profile rule. | -| RootExpression optional | String | C# expression to apply on the source entity type of the context resource type. See the [ Expressions ](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. | -| SubExpression optional | String | C# expression to apply on the target entity type of the context resource type. See the [ Expressions ](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. | +| RootExpression optional | String | C# expression to apply on the source entity type of the context resource type. See the [Expressions](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. | +| SubExpression optional | String | C# expression to apply on the target entity type of the context resource type. See the [Expressions](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. | diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md index aaec1f4559..082defa1c1 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md @@ -18,7 +18,7 @@ The following example builds a universe called `Universe1`: ``` - +**** diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md index a928a4f838..6cda043b7f 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md index f096399540..9e1950482a 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md @@ -13,7 +13,7 @@ resource types, and launch generate provisioning orders and fulfillment from the ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md index c82c52a383..6108bef50d 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates the permissions to configure the Workforce Core Solution module and co ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md index 95575cf429..8925c5de39 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md @@ -20,7 +20,7 @@ The entity instances generated by the scaffolding will have: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md index 121a2c52f4..f82f92207c 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md @@ -15,7 +15,7 @@ part in dashboard of the user interface. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md index 224587f5a0..d48c241d9c 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md @@ -13,7 +13,7 @@ AssignedResourceTypes. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md index bea3c756b4..4961b77f73 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md @@ -20,7 +20,7 @@ The entity instances generated by the scaffolding will have: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md index 6d4e2bbc41..db0a1531ed 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md @@ -16,7 +16,7 @@ retrieved by these APIs. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md index 3b6317cb68..1b25601402 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md @@ -14,7 +14,7 @@ MicrosoftEntraID�). This right corresponds to the permission to use ResourceTy ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md index a3839046d2..c357717cb3 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md @@ -13,7 +13,7 @@ synchronization for a given profile. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md index cfba393eaa..e7fdc3d593 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates access control to send notification when job finish with an error stat ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md index 8c0716981f..1de24735a7 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates the rights to read task and job instances logs in UI for a given profi ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md index a198ba19dc..614c07e5d1 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates access control to send notification when a relaunch job finish with an ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md index 925f750a5f..cd7eb66c1c 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md @@ -13,7 +13,7 @@ profile. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md index 453d53d291..1018ac4b2c 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates all rights to have the access to job administration page. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md index 16a3134423..432a0af35a 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md @@ -12,7 +12,7 @@ Generates the execution rights to launch Fulfillment workflow for a given profil ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md index 277585db1a..fd85c59e1e 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md @@ -13,7 +13,7 @@ screen. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md index c67a97198f..787cc6feac 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md @@ -18,7 +18,7 @@ query assigned profiles. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md index 6e5bc61296..1ebc8626e6 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md @@ -23,7 +23,7 @@ profiles. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md index 1f7cfda461..d3c6ebe87b 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the navigation to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md index 37ef98e492..b486a72812 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md @@ -16,7 +16,7 @@ allows to generate a default report for an entity: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md index c084e896af..c0bea8bc96 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md @@ -15,7 +15,7 @@ The following example gives the permission to access the query page to the admin ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md index 55f53b4e33..a1cb216fb1 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md @@ -13,7 +13,7 @@ modified incrementally ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md index 46f537cd68..6aba5176c2 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md @@ -16,7 +16,7 @@ query resources from `Directory_User`. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md index c21dbeaa19..dc133d639e 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md @@ -12,7 +12,7 @@ Creates the reading right of the resource picker. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md index c136fa9d1c..373c2489af 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md @@ -15,7 +15,7 @@ displays the resources of the `Directory_UserType` entity type, as well as its s ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md index e4811f9ab2..0a9860206d 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md @@ -13,7 +13,7 @@ resources history of the specified entity type. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md index 46bcf90fe8..3c53abf684 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md @@ -13,7 +13,7 @@ basket. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md index a10372380a..246d6ca40d 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md @@ -11,7 +11,7 @@ review of multiple manual provisioning items for the `Directory_User` entity typ ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md index 250aff59fb..faae1e4ad9 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md @@ -20,7 +20,7 @@ The scaffolding generates the following scaffoldings: - ReconciliateResourcesAccessControlRules: Generates the permissions to access the resource reconciliation pages for a given entity type and profile. See the - [ ReconciliateResourcesAccessControlRules ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) + [ReconciliateResourcesAccessControlRules](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) topic for additional information. ## Properties diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md index 1b21489a0e..ba9658625c 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md @@ -11,7 +11,7 @@ review of multiple pending provisioning orders for the `Directory_User` entity t ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md index 9797444cac..5c8bbd97d3 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md @@ -20,7 +20,7 @@ otherwise the information of the entity type cannot be displayed on this screen. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md index dae996a08e..1078099dae 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md @@ -19,7 +19,7 @@ EntityType to be filled in the Scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md index 8cad50a911..eac90c8c5c 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md index d1bd2949b7..8bb0c57eac 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md @@ -20,7 +20,7 @@ Assignment** page and perform redundant-assignment related actions. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md index f49cbbde71..a12a3ecbd0 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md @@ -18,7 +18,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md index 8d9dcd2a06..5b6e264164 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md index 8d88d65320..e78d4de7e2 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 130 ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md index 3a6daf6e36..52dc62e669 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md @@ -29,7 +29,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md index d657825133..a1eee75410 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md @@ -13,7 +13,7 @@ naming conventions. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md index a3f9021875..517ff06651 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 10 ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md index 3dda9a7d8a..78f7dd51a9 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 20 ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md index ecce8fdf24..3ee44c897c 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md @@ -20,7 +20,7 @@ users from `Directory_User`. ``` - +**** In order to see AD accounts once clicking on the button: diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md index 0bdc25ee0b..f049a6feeb 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md @@ -25,7 +25,7 @@ The scaffolding generates the following scaffoldings: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md index cd79d58b43..12710c786f 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 20 ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md index 549df50e79..8f485d638b 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md @@ -23,7 +23,7 @@ DashBoard shortcut: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md index 382fe2d714..b737f28c1f 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 40 ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md index f67c9f85a6..7a83110ebb 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md index 31ac44da03..d12acd9ffb 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md @@ -24,7 +24,7 @@ If you are using a CSV connector with files in incremental mode, you must specif ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md index 53d43447a8..3655a2448e 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md @@ -15,7 +15,7 @@ no display name is defined. ``` - +**** ``` @@ -26,7 +26,7 @@ in `Directory_Country`, when no display name is defined. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md index 0401bb5ae1..16829d30fb 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md @@ -15,7 +15,7 @@ the table. Otherwise, the only scalar property displayed in the table is the int ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md index 0450ad549d..7091c53f02 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md @@ -18,7 +18,7 @@ table. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md index 4910eff086..d13210aa79 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md @@ -14,7 +14,7 @@ The design element for this displaytable is resourcetable. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md index e435db7513..2a7a0fc9f0 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md @@ -12,7 +12,7 @@ Creates the search bar for the entity without criteria. ``` - +**** ``` @@ -28,6 +28,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md index af3356685b..700ae0418f 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md @@ -12,7 +12,7 @@ Creates the Item menu for the entity's report so that it is displayed in the rep ``` - +**** ``` @@ -28,6 +28,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md index 63a664bb78..46c650887e 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md @@ -21,7 +21,7 @@ scaffolding, the names of these 3 workflows must comply with the following stand ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md index 630347f6f1..64cd0e1867 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md @@ -10,7 +10,7 @@ sidebar_position: 20 ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md index ca343afacd..0619c42f3d 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md @@ -10,7 +10,7 @@ sidebar_position: 30 ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md index 0294cd2aa6..5692a40177 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md @@ -10,7 +10,7 @@ sidebar_position: 40 ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md index 00db86149e..bdeb730fde 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md @@ -10,7 +10,7 @@ sidebar_position: 50 ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md index c4f9d2cc09..1c9fe6c53d 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md @@ -13,7 +13,7 @@ create the association between this new entity and the starting entity. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md index 1d7dd0b578..dd141bb78b 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md @@ -10,7 +10,7 @@ sidebar_position: 70 ``` - +**** ``` @@ -26,6 +26,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md index 0c5f83a58b..29bd690e83 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md @@ -15,7 +15,7 @@ launch this scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md index 287d6060e3..c23e4bdf61 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md @@ -15,7 +15,7 @@ this scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md index 8b846eaf86..918b31e879 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md @@ -10,7 +10,7 @@ sidebar_position: 100 ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md index 0391382780..f335ca71f2 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md @@ -12,7 +12,7 @@ Creates the job to clean old tasks and jobs instances with state InProgress ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md index 1197fa1396..703eba2cdb 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md @@ -12,7 +12,7 @@ Creates the AccessCertification Job. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md index 19b89a1078..695a585cc9 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md @@ -15,7 +15,7 @@ Usercube-Get-JobSteps.exe ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md index f4c7c42630..986118f0ad 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md @@ -16,7 +16,7 @@ Usercube-Get-JobSteps.exe ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md index c17d9d1450..df71e760e3 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md @@ -12,7 +12,7 @@ Creates all jobs by connector to launched task in the connector page. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createinitializationjob/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createinitializationjob/index.md index 9b68907dbf..5f648529df 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createinitializationjob/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createinitializationjob/index.md @@ -12,7 +12,7 @@ Creates the Initialization Job for the given agent. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md index f1e086a018..c3455ebe2b 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md @@ -33,7 +33,7 @@ The following example optimized the DisplayTable `Directory_User` ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md index 99d4c01376..c60630655c 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md @@ -14,7 +14,7 @@ The entity must have a displayTable to be able to use this scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md index d4ffdc0ebc..51582200cc 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md @@ -166,7 +166,7 @@ It generates: ``` - +**** One entity instance for the entity type Directory_User: @@ -174,7 +174,7 @@ It generates: One association instance and one entity instance per navigation property: ... - +**** ``` @@ -205,7 +205,7 @@ It generates: ``` - +**** One entity instance for the entity type Directory_User. @@ -217,7 +217,7 @@ It generates: Same for all resource types. ... - +**** ``` @@ -269,7 +269,7 @@ It generates: ``` - +**** One entity instance for the entity type Directory_User. diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md index 8a1c60d3e8..f466bc2826 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md @@ -37,7 +37,7 @@ The scaffolding generates the following scaffoldings: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md index e509b00a8f..f9fcc49a1a 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md @@ -31,7 +31,7 @@ The scaffolding generates the following scaffoldings: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md index fa37e27416..3bdbdaf05d 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md @@ -30,7 +30,7 @@ job instances, task instances and logs: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md index ce6af11344..02b58ef154 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md @@ -20,7 +20,7 @@ The scaffolding generates the following scaffoldings: ``` - +**** ``` @@ -36,6 +36,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md index b8316bdf8e..d1d952f3a2 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md @@ -24,7 +24,7 @@ The scaffolding generates the following scaffoldings: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md index 1f61c7df32..90b1877fb8 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md @@ -28,7 +28,7 @@ The scaffolding generates the following scaffoldings: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md index df092ee874..6c1f984d34 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md @@ -25,7 +25,7 @@ The following example implements a default display name for resources from the ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md index 21130856ff..85258e7458 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md @@ -26,7 +26,7 @@ the `Administrator` profile the permissions to view the resources. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/connection/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/connection/index.md index 1fb4e5801a..2e830bb1ab 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/connection/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/connection/index.md @@ -17,7 +17,7 @@ package `Usercube.AD@0000001` with only the export task and not the fulfill task ``` - +**** ``` @@ -31,12 +31,10 @@ appsettings.agent.json "Connections": { ... "ADExportFulfillment": { - "Servers": [ - { + "Servers": [{ "Server": "contoso.server.com", "BaseDN": "DC=contoso,DC=com" - } - ], + }], "AuthType": "Basic", "Login": "Contoso", "Password": "ContOso$123456789", diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md index e352d18e1d..e1dffdbf0d 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md @@ -31,7 +31,7 @@ least 8 lowercase characters, 4 uppercase characters, 2 digits and 2 symbols. ``` - +**** ``` @@ -43,7 +43,7 @@ least 8 lowercase characters, 4 uppercase characters, 2 digits and 2 symbols. ``` - +**** ``` @@ -58,7 +58,7 @@ character. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md index f99aa55593..88a43fac07 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md @@ -12,7 +12,7 @@ Any resource type mapping must be configured with the same identifier as the rel ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/scimresourcetypemapping/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/scimresourcetypemapping/index.md index 6fa89c2f0b..758aed83c2 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/scimresourcetypemapping/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/scimresourcetypemapping/index.md @@ -12,7 +12,7 @@ Any resource type mapping must be configured with the same identifier as the rel ``` - +** ** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md index 2368839284..b2efa4f1a6 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md @@ -14,7 +14,7 @@ An activity Instance can have at most 20 actors. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md index 50a6c0a872..111327c142 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md @@ -16,7 +16,7 @@ For every **EntityType**, a matching SQL view is created from the UR_Resource ta ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md index 3d141750ba..b7e6dda1ba 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md @@ -17,7 +17,7 @@ changes in ServiceNow. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md index f93a0c31d5..1036acaa41 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md @@ -12,7 +12,7 @@ Launches on agent side a powershell script given as input. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md index 9a9589d9d8..23e96591cd 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md @@ -20,7 +20,7 @@ The following example applies all role naming rules linked to the AD connector. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md index 6a1d30e77e..5e2b9d32f9 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md @@ -16,7 +16,7 @@ task insert a new line in this table: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md index 82c8b05d14..3ab2edbe18 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md @@ -13,7 +13,7 @@ update or delete. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md index 22ec00d719..f1305672f6 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md @@ -17,7 +17,7 @@ changes in ServiceNow. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/generateprovisioningorderstask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/generateprovisioningorderstask/index.md index e1da90d0c4..e1469b3c38 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/generateprovisioningorderstask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/generateprovisioningorderstask/index.md @@ -20,7 +20,7 @@ with a resourceType list. Then changes the provisioningState of the resources co ``` - +** ** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md index f89242b9d3..d5980b758d 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md @@ -19,7 +19,7 @@ SingleRoles and CompositesRoles and set it up in the system. ``` - +** ** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md index 1582fd55b7..efc2dd2d88 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md @@ -12,7 +12,7 @@ Launches on agent side a powershell script given as input. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md index 849fa2f61d..205614a013 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md @@ -12,7 +12,7 @@ Maintain indexes and update statistics for all database tables. Also cleans up d ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md index b863919b2c..b6d8fd4377 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md @@ -13,7 +13,7 @@ Initialize historization tables by setting each entity's first record `ValidFrom ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md index 040974ba63..c5e137fb63 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md @@ -23,7 +23,7 @@ past. This update affects the following properties: ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md index 451b789ca7..a2af9746b8 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md @@ -18,7 +18,7 @@ notifications concerning the `Directory_User` entity type. ``` - +** ** Knowing that we have for example: diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md index 08503fd604..27c596bea3 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md @@ -12,7 +12,7 @@ Assign access certification items to users according to their profiles and the a ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md index c884abc94c..16108c1004 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md @@ -25,7 +25,7 @@ tables** (option `DoNotDeleteChanges` set to `true`). ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md index 1e541b2b0f..fa602faadd 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md @@ -20,7 +20,7 @@ Collection must be done by the ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md index 74041597ee..f231ad4892 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md @@ -17,7 +17,7 @@ and fill the database with them. ``` - < +**<** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md index d45a05cdcc..2aa612003f 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md @@ -15,7 +15,7 @@ You must set up the ResourceClassificationRule on resourceTypes to be able to us ``` - +** ** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md index 1dbdb3063b..ab025eba2b 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md @@ -13,7 +13,7 @@ in the database. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md index 17a9a1bd1f..70ebe3e3f1 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md @@ -18,7 +18,7 @@ store the dimension value in the assignment rule tables. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md index ae90ce2378..3ade39656d 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md @@ -30,7 +30,7 @@ several users, and one user to several groups. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md index 739990318d..288e9b4b22 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md @@ -56,7 +56,7 @@ For example, the below `Dimension1` attribute references a _Title_ entity by its ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/language/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/language/index.md index a410b5dda7..95848ee1cb 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/language/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/language/index.md @@ -14,7 +14,7 @@ The following example declares a new language. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/appdisplaysetting/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/appdisplaysetting/index.md index 0d4fc5b265..c2a568ca4a 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/appdisplaysetting/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/appdisplaysetting/index.md @@ -36,11 +36,11 @@ The following example sets: The following example disables the counters that are usually visible on the dashboard: -> ![AppDisplay - Without Counters](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/appdisplaysetting/appdisplaysetting_counters_v603.webp) +**> ![AppDisplay - Without Counters](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/appdisplaysetting/appdisplaysetting_counters_v603.webp)** ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md index d733902ad7..91d15f4d88 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md @@ -12,7 +12,7 @@ Used to track the current configuration version. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md index 2ca9c530b6..9a8ee4cc2e 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md @@ -13,7 +13,7 @@ the email addresses contained by the `Email` property. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md index 6942c4b19b..dbc543fb41 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md @@ -19,7 +19,7 @@ including at least one digit, one lowercase letter, one uppercase and one specia ``` - +**** ``` @@ -28,4 +28,17 @@ including at least one digit, one lowercase letter, one uppercase and one specia | Property | Details | | --------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Identifier default value: PasswordTests | **Type** String **Description** Unique identifier of the setting. | -| PasswordRegex optional | **Type** String **Description** Regular expression(s) (regex) that users' passwords must match to be acceptable when set manually. When setting several regex, passwords must match all of them to be considered strong, and 70% to be considered average. Below that, a password is considered weak and cannot be confirmed. **Default value:**`'^..*$', '^...*$', '^....*$', '^.....*$', '^......*$', '^.......*$', '^........*$', '^.........*$', '^..........*$', '^.*[0-9].*$', '^.*[a-z].*$', '^.*[A-Z].*$', '^.*[^A-Za-z0-9].*$'` | +| PasswordRegex optional | **Type** String **Description** Regular expression(s) (regex) that users' passwords must match to be acceptable when set manually. When setting several regex, passwords must match all of them to be considered strong, and 70% to be considered average. Below that, a password is considered weak and cannot be confirmed. **Default value:**`'^..* +, '^...* +, '^....* +, '^.....* +, '^......* +, '^.......* +, '^........* +, '^.........* +, '^..........* +, '^.*[0-9].* +, '^.*[a-z].* +, '^.*[A-Z].* +, '^.*[^A-Za-z0-9].* +` | diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md index e82adacf95..7332001cc1 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md @@ -12,7 +12,7 @@ This setting enables task delegation to a group of people. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/selectpersonasbyfilterqueryhandlersetting/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/selectpersonasbyfilterqueryhandlersetting/index.md index 78a934cc69..a8a2c87bda 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/selectpersonasbyfilterqueryhandlersetting/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/settings/selectpersonasbyfilterqueryhandlersetting/index.md @@ -12,7 +12,7 @@ This setting is used to filter the entity type used by authentication mechanism. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md index 428dcc0a74..7d984af0d3 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md @@ -14,7 +14,7 @@ Usercube natively sends notifications for usual cases. These native notifications are based on cshtml templates available inside the `Runtime` folder. If the provided templates do not meet your exact needs, then they can be replaced by personalized notification templates. See the -[ Native Notifications ](/docs/identitymanager/6.1/integration-guide/notifications/native/index.md)topic +[Native Notifications](/docs/identitymanager/6.1/integration-guide/notifications/native/index.md)topic for additional information. ## Examples diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md index fe09ec3934..b58a778fe0 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md @@ -41,7 +41,10 @@ There are distinct types of automation rules: `PolicyAutomationRule` is equivalent to `AutomationRule` with its `Type` set to `Policy`, and requires specifying the `Policy` and `EntityType` properties. -_Remember,_ Netwrix recommends always using the typed syntax. +:::tip +Remember, Netwrix recommends always using the typed syntax. +::: + For example, you should always use `SingleRoleAutomationRule`, rather than `AutomationRule` with `Type` set to `CompositeRole`. @@ -103,4 +106,4 @@ script in the command line. | ResourceType optional | Int64 | Identifier of the resource type targeted by the rule. | | SingleRole optional | Int64 | Identifier of the single role targeted by the rule. | | Type required | AutomationRuleType | Object type targeted by the rule. 0 - CompositeRole. 1 - SingleRole. 2 - ResourceType. 4 - Category. 5 - Policy. | -| WorkflowState default value: 0 | WorkflowState | Workflow state of the assignments targeted by the rule. `0` - **None**: used for Usercube's internal computation. `1` - **Non-conforming**: the assignment is not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) `3` - **Pre-existing**: the assignment is not supported by a rule, and it existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) `4` - **Requested**: the assignment is requested via a workflow, but not yet added. **NOTE:** Usually displayed in workflows' summaries. ![Workflow State: Pending Approval - Requested](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/4_requested_v603.webp) `5` - **Calculated - Missing Parameters**: the assignment was done by a rule which does not specify at least one required parameter for the role. ![Workflow State: Calculated - Missing Parameters](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/5_calculatedmissingparameters_v603.webp) `8` - **Pending Approval**: the assignment must be reviewed manually by a knowledgeable user. ![Workflow State: Pending Approval](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/8_pendingapproval_v603.webp) `9` - **Pending Approval 1 of 2**: the assignment is pending the first approval on a two-step workflow. `10` - **Pending Approval 2 of 2**: the assignment is pending the second approval on a two-step workflow. `11` - **Pending Approval 1 of 3**: the assignment is pending the first approval on a three-step workflow. `12` - **Pending Approval 2 of 3**: the assignment is pending the second approval on a three-step workflow. `13` - **Pending Approval 3 of 3**: the assignment is pending the third approval on a three-step workflow. `16` - **Approved**: the assignment has completed all approval steps. ![Workflow State: Approved](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `17` - **Declined**: the assignment is explicitly declined during one of the approval steps. ![Workflow State: Declined](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/17_declined_v603.webp) `18` - **Calculated**: the assignment is given by one of Usercube's rules. ![Workflow State: Calculated](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/18_calculated_v603.webp) `19` - **Inactive**: the assignment has expired and is not yet removed. Does not appear in the UI. `20` - **Cancellation**: the assignment is inferred by a role that was declined. See the [ Reconcile a Property ](/docs/identitymanager/6.1/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. ![Workflow State: Cancellation](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/20_cancellation_v603.webp) `21` - **Suggested**: the assignment comes from a rule of type `Suggested` and appears among suggested permissions in the owner's permission basket. See the [ SingleRoleRule ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Suggested](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/21_suggested_v603.webp) `22` - **Suggested**: the assignment comes from a rule of type `Automatic but with Validation` and appears among suggested permissions for a pre-existing user. See the [ SingleRoleRule ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. _Remember,_ the states `21` and `22` are both displayed in the UI as **Suggested** but they do not mean the exact same thing. `23` - **Automatic but with Validation**: the assignment comes from a rule of type `Automatic but with Validation` and appears in a new user's permission basket. See the [ SingleRoleRule ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. `24` - **Approved - Questioned**: the assignment was approved manually, then a change has been made in the assignment's source data via one of Usercube's workflows that should change the assignment but the manual approval is authoritative. See the [Resource Type](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. ![Workflow State: Approved - Questioned](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/24_approvedquestioned_v603.webp) `25` - **Pending Approval - Risk**: the assignment must be reviewed due to a risk. ![Workflow State: Pending Approval (Risk)](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/25_pendingapprovalrisk_v603.webp) `26` - **Blocked**: the assignment is blocked due to a risk of type `Blocking`. Does not appear in the UI. `27` - **Prolonged**: the assignment has expired but it was set with a grace period. See the [ SingleRoleRule ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Prolonged](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/27_prolonged_v603.webp) `116` - **Approved - Risk**: the assignment is approved despite a risk. ![Workflow State: Approved (Risk)](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `118` - **Given by a Role**: the assignment comes from the assignment of a role. For example, when a user is assigned a SAP entitlement without having a SAP account, the account is created automatically with this state. ![Workflow State: Given by a Role](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/118_givenbyarole_v603.webp) **Found** - Will match assignments not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) **Historic** - Will match assignments not supported by a rule, which existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) | +| WorkflowState default value: 0 | WorkflowState | Workflow state of the assignments targeted by the rule. `0` - **None**: used for Usercube's internal computation. `1` - **Non-conforming**: the assignment is not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) `3` - **Pre-existing**: the assignment is not supported by a rule, and it existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) `4` - **Requested**: the assignment is requested via a workflow, but not yet added. **NOTE:** Usually displayed in workflows' summaries. ![Workflow State: Pending Approval - Requested](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/4_requested_v603.webp) `5` - **Calculated - Missing Parameters**: the assignment was done by a rule which does not specify at least one required parameter for the role. ![Workflow State: Calculated - Missing Parameters](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/5_calculatedmissingparameters_v603.webp) `8` - **Pending Approval**: the assignment must be reviewed manually by a knowledgeable user. ![Workflow State: Pending Approval](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/8_pendingapproval_v603.webp) `9` - **Pending Approval 1 of 2**: the assignment is pending the first approval on a two-step workflow. `10` - **Pending Approval 2 of 2**: the assignment is pending the second approval on a two-step workflow. `11` - **Pending Approval 1 of 3**: the assignment is pending the first approval on a three-step workflow. `12` - **Pending Approval 2 of 3**: the assignment is pending the second approval on a three-step workflow. `13` - **Pending Approval 3 of 3**: the assignment is pending the third approval on a three-step workflow. `16` - **Approved**: the assignment has completed all approval steps. ![Workflow State: Approved](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `17` - **Declined**: the assignment is explicitly declined during one of the approval steps. ![Workflow State: Declined](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/17_declined_v603.webp) `18` - **Calculated**: the assignment is given by one of Usercube's rules. ![Workflow State: Calculated](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/18_calculated_v603.webp) `19` - **Inactive**: the assignment has expired and is not yet removed. Does not appear in the UI. `20` - **Cancellation**: the assignment is inferred by a role that was declined. See the [Reconcile a Property](/docs/identitymanager/6.1/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. ![Workflow State: Cancellation](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/20_cancellation_v603.webp) `21` - **Suggested**: the assignment comes from a rule of type `Suggested` and appears among suggested permissions in the owner's permission basket. See the [SingleRoleRule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Suggested](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/21_suggested_v603.webp) `22` - **Suggested**: the assignment comes from a rule of type `Automatic but with Validation` and appears among suggested permissions for a pre-existing user. See the [SingleRoleRule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. _Remember,_ the states `21` and `22` are both displayed in the UI as **Suggested** but they do not mean the exact same thing. `23` - **Automatic but with Validation**: the assignment comes from a rule of type `Automatic but with Validation` and appears in a new user's permission basket. See the [SingleRoleRule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. `24` - **Approved - Questioned**: the assignment was approved manually, then a change has been made in the assignment's source data via one of Usercube's workflows that should change the assignment but the manual approval is authoritative. See the [Resource Type](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. ![Workflow State: Approved - Questioned](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/24_approvedquestioned_v603.webp) `25` - **Pending Approval - Risk**: the assignment must be reviewed due to a risk. ![Workflow State: Pending Approval (Risk)](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/25_pendingapprovalrisk_v603.webp) `26` - **Blocked**: the assignment is blocked due to a risk of type `Blocking`. Does not appear in the UI. `27` - **Prolonged**: the assignment has expired but it was set with a grace period. See the [SingleRoleRule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Prolonged](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/27_prolonged_v603.webp) `116` - **Approved - Risk**: the assignment is approved despite a risk. ![Workflow State: Approved (Risk)](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `118` - **Given by a Role**: the assignment comes from the assignment of a role. For example, when a user is assigned a SAP entitlement without having a SAP account, the account is created automatically with this state. ![Workflow State: Given by a Role](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/118_givenbyarole_v603.webp) **Found** - Will match assignments not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) **Historic** - Will match assignments not supported by a rule, which existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/6.1/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) | diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md index 63c249bae7..9c1d507df9 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md @@ -28,7 +28,7 @@ The following example declares a new composite role. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md index f3c23ffe65..0074960c05 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md @@ -167,9 +167,12 @@ The following example includes in certification campaigns only the resources tha ``` -**Note:** must be configured together with the other `ResourceCertificationComparison` properties. +:::note +must be configured together with the other `ResourceCertificationComparison` properties. **Note:** when not specified, certification items are defined by `ResourcesStartBinding` and `ResourcesStartBinding`. +::: + ## Properties diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md index 22df89622e..78e33e6712 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md @@ -18,7 +18,7 @@ The following example creates an Active Directory correlation rule based on the ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md index 412e6d13a0..d69afd723c 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md @@ -118,8 +118,11 @@ provisioning to ServiceNow. Then it requires the random identifier computed by S In this case, we want to configure the AD_Entry_AdministrationUser resource type so that a user cannot own an AD administrator account when they do not have an identifier in ServiceNow. -**NOTE:** The DependsOnOwnerProperty of a resource type should only refer to scalar values that are +:::note +The DependsOnOwnerProperty of a resource type should only refer to scalar values that are part of the properties of the SourceEntityType. +::: + The following example is meant to perform an automatic check to prevent the execution of any provisioning order for the creation of an AD administrator account when the user does not have an @@ -174,14 +177,20 @@ data is changed, the scalar rule computes a new value for sn. There are two opti ![Example - State 3](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/discardmanualassignments_state3_v602.webp) - **NOTE:** No change in the source data can affect the property's value. However, any manual + :::note + No change in the source data can affect the property's value. However, any manual change made in the managed system will trigger a non-conforming assignment. Then, reconciling the property by choosing to keep Usercube's suggested value will make the property's value go back to Calculated and thus follow the changes in the source data. + ::: + - **NOTE:** If DiscardManualAssignments is changed from False to True, then the state of the + :::note + If DiscardManualAssignments is changed from False to True, then the state of the property's value does not matter. Usercube applies the rules of the role model, and generates a provisioning order to overwrite the manual change White with the newly computed value Black. + ::: + ![Example - State 4](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/discardmanualassignments_state4_v602.webp) @@ -277,10 +286,10 @@ resource type has previously been correlated to the owner or not. | MaximumInsertPercent default value: 30 | Int32 | Inserted lines threshold in percent. | | MaximumUpdate default value: 0 | Int32 | Updated lines threshold. Sets the maximum number of resources that can be modified within the resource type when running the provisioning job. | | MaximumUpdatePercent default value: 30 | Int32 | Updated lines threshold in percent. | -| P0 default value: false | Boolean | True to indicate that the resource type is parametrized, i.e. there is at least one type rule configured to assign the resource type based on the dimension 0 (up to 3V following the base32hex convention). See the [ Base32 Parameter Names ](/docs/identitymanager/6.1/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | +| P0 default value: false | Boolean | True to indicate that the resource type is parametrized, i.e. there is at least one type rule configured to assign the resource type based on the dimension 0 (up to 3V following the base32hex convention). See the [Base32 Parameter Names](/docs/identitymanager/6.1/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | | Policy required | Int64 | Identifier of the policy that the resource type is part of. | | ProlongationWithoutApproval default value: 0 | ProlongationWithoutApproval | Indicates whether the resource type can be extended without any validation. 0 - Inherited: gets the value from the policy. 1 - Enabled. 2 - Disabled. | -| R0 default value: false | Boolean | True to set the dimension 0 (up to 3V following the base32hex convention) as a required parameter when assigning the resource type. See the [ Base32 Parameter Names ](/docs/identitymanager/6.1/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | +| R0 default value: false | Boolean | True to set the dimension 0 (up to 3V following the base32hex convention) as a required parameter when assigning the resource type. See the [Base32 Parameter Names](/docs/identitymanager/6.1/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | | RemoveOrphans default value: false | Boolean | True to authorize the deprovisioning of this resource when it does not have an owner. Can only be true when AllowRemove property is also true. | | SourceEntityType required | Int64 | Identifier of the source entity type. | | SuggestAllCorrelations optionalAttribute | Boolean | Allows correlation suggestions for rules with a confidence rate below 100, even if other correlations with a confidence rate above 100 have been found. | @@ -311,7 +320,7 @@ script in the command line. | Binding optional | Int64 | Defines the binding expression to get the file property. | | Policy required | Int64 | Identifier of the policy that the rule is part of. | | Property required | Int64 | Identifier of the property used to represent the file on the target EntityType. | -| SingleRole optional | Int64 | Identifier of the single role. The single role must be assigned to the owner so that the file can be provisioned on the resource. See the [ SingleRole ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. | +| SingleRole optional | Int64 | Identifier of the single role. The single role must be assigned to the owner so that the file can be provisioned on the resource. See the [SingleRole](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. | | TimeOffsetAfterReference default value: 0 | Int32 | Defines the offset after reference (in minutes). | | TimeOffsetBeforeReference default value: 0 | Int32 | Defines the offset before reference (in minutes). | | TimeOffsetReference default value: 0 | TimeOffsetReference | Offset mode defining which dates to use as references, in order to apply the time offset. The time period for which the rule is applied is adjusted accordingly. 0 - Default: the offset inherited from the type rule. 1 - Around: the offset before reference is applied from the start date of the resource, and the offset after reference is applied from the end date. 2 - Before: the offset before and after reference are both applied from the start date of the resource. 3 - After: the offset before and after reference are both applied from the end date of the resource. in a situation with several binary rules, the order of application is: After, then Before, then Around, then Default. Each rule is able to overwrite those previously applied in case they overlap. two offsets of the same mode should never overlap. Resources' start and end dates can be configured through record sections and/or context rules. | @@ -326,16 +335,19 @@ resources regardless of the attributes of source resources. A navigation rule is defined by the child element `` of the `` element. -**NOTE:** Both navigation and query rules compute navigation properties. The value of one navigation +:::note +Both navigation and query rules compute navigation properties. The value of one navigation property should be computed by either navigation or query rules, not both. +::: + See the -[ Compute a Navigation Property ](/docs/identitymanager/6.1/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) +[Compute a Navigation Property](/docs/identitymanager/6.1/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) topic for additional information. ### Examples -Computation based on other properties +**Computation based on other properties** The following example declares a new rule to give the SG_APP_SharePoint_HR_Owner group to all users who had the SharePoint_HR_Owner role. @@ -360,11 +372,11 @@ script in the command line. ``` -Parametrized roles +**Parametrized roles** The role catalog can be optimized by reducing the number of roles, by configuring parametrized roles. See the -[ Configure a Parameterized Role ](/docs/identitymanager/6.1/user-guide/optimize/parameterized-role/index.md)topic +[Configure a Parameterized Role](/docs/identitymanager/6.1/user-guide/optimize/parameterized-role/index.md)topic for additional information. This optimization will simplify the functional understanding of the role catalog, and speed up @@ -374,9 +386,9 @@ Supposing that the 10th dimension (dimension A following the base32hex conventio time slots, the following example creates a single role Access/A_Brune_HR for all time slots. Each time-slot-related entitlement will be assigned to users by configuring one navigation rule per entitlement, using the dimension as a required parameter. See the -[ Dimension ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) +[Dimension](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and -[ Base32 Parameter Names ](/docs/identitymanager/6.1/integration-guide/toolkit/parameter-names/index.md)topics +[Base32 Parameter Names](/docs/identitymanager/6.1/integration-guide/toolkit/parameter-names/index.md)topics for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -408,7 +420,7 @@ properties of their owners (source resources and entitlements). These properties provisioned, i.e. written to the managed system. Contrary to navigation rules, query rules assign resources to target resources according to a query via a C# expression with conditions, based on the attributes of the source resources. See the -[ Expressions ](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) +[Expressions](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. A query rule is defined by the child element `` of the `` element. @@ -417,12 +429,12 @@ Both navigation and query rules compute navigation properties. The value of one should be computed by either navigation or query rules, not both. See the -[ Compute a Navigation Property ](/docs/identitymanager/6.1/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) +[Compute a Navigation Property](/docs/identitymanager/6.1/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) topic for additional information. ### Examples -Computation based on other properties +**Computation based on other properties** The following example declares a new rule to compute the parent distinguished name for guest users. Here we do not use source properties, but a literal expression for all guest users. @@ -443,9 +455,9 @@ script in the command line. | Policy required | Int64 | Identifier of the policy that the rule is part of. | | Property required | Int64 | Identifier of the navigation property to be computed. | | SourceBinding optional | Int64 | Binding of the property from the source entity type to be compared with the target binding/expression, in order to find a matching resource to be the value of Property. | -| SourceExpression optional | String | C# expression to compare with the target binding/expression in order to compute the value of Property with the matching resource. See the [ Expressions ](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. | +| SourceExpression optional | String | C# expression to compare with the target binding/expression in order to compute the value of Property with the matching resource. See the [Expressions](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. | | TargetBinding optional | Int64 | Binding of the property from the entity type pointed by Property, which will be the value of Property if it matches the source binding/expression. | -| TargetExpression optional | String | C# expression to compare with the source binding/expression in order to compute the value of Property with the matching resource.See the [ Expressions ](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. The TargetExpression must contain at least one target property, it cannot be a literal expression. | +| TargetExpression optional | String | C# expression to compare with the source binding/expression in order to compute the value of Property with the matching resource.See the [Expressions](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. The TargetExpression must contain at least one target property, it cannot be a literal expression. | | TargetMatchedConfidenceLevel default value: 0 | Int32 | Percentage rate expressing the confidence in the rule according to data quality and sensitivity. Usercube considers the rules in descending order of confidence rate, the first matching rule is applied. 0 to 99: imposes that a resource manager reviews the property computation on the Resource Reconciliation page. 100 to 150: computes the property automatically. | | TimeOffsetAfterReference default value: 0 | Int32 | Time period (in minutes) after the reference end date, which shifts the end of the rule's application. A negative value for the time offset means that the time period is before the reference date. | | TimeOffsetBeforeReference default value: 0 | Int32 | Time period (in minutes) after the reference start date, which shifts the start of the rule's application. A negative value for the time offset means that the time period is before the reference date. | @@ -460,12 +472,12 @@ provisioned, i.e. written to the managed system. A scalar rule is defined by the child element `` of the `` element. See the -[ Compute a Scalar Property ](/docs/identitymanager/6.1/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md) +[Compute a Scalar Property](/docs/identitymanager/6.1/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md) topic for additional information. ### Examples -Computation based on other properties +**Computation based on other properties** The following example shows two scalar rules. The first one computes users' emails based on AD values. The other one contains a C# expression to compute AccountExpires. @@ -492,11 +504,11 @@ script in the command line. ``` -Computation via a literal expression +**Computation via a literal expression** The following example translates to "the userAccountControl property of a App1_Account of resource type App1_Standard_Account must be equal to 66048. It uses a literal expression. See the -[ Expressions ](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) +[Expressions](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -508,12 +520,12 @@ script in the command line. ``` -Binding +**Binding** The Binding attribute complies with the binding expression syntax or the calculation expression syntax. So, it can use the C# language to specify a more complex binding. See the -[ Bindings ](/docs/identitymanager/6.1/integration-guide/toolkit/bindings/index.md) and -[ Expressions ](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) +[Bindings](/docs/identitymanager/6.1/integration-guide/toolkit/bindings/index.md) and +[Expressions](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topics for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -523,7 +535,7 @@ script in the command line. ``` -IsMapped +**IsMapped** Consider a system that we want to connect to Usercube , let's call it SYST, using a title property. Consider also that SYST needs to be provisioned with the value of title, but does not allow any @@ -532,7 +544,7 @@ other system to retrieve the said value. In this case, we set `IsMapped` to false so that Usercube sends the adequate provisioning order when needed, and then is able to change the provisioning state to **Executed** without synchronization. See the -[Provision](/docs/identitymanager/6.1/user-guide/administrate/provisioning/index.md)[ Synchronize Data ](/docs/identitymanager/6.1/user-guide/set-up/synchronization/index.md) +[Provision](/docs/identitymanager/6.1/user-guide/administrate/provisioning/index.md)[Synchronize Data](/docs/identitymanager/6.1/user-guide/set-up/synchronization/index.md) topic for additional information. The following example computes users' title in a given managed system, based on Usercube's @@ -545,15 +557,15 @@ script in the command line. ``` -TimeOffset +**TimeOffset** A scalar rule is applied according to reference start and end dates (configured through record sections and context rules), usually users' arrival and departure days. It means that, for a user matching the rule's criteria, a property is to be computed, by default, from the user's arrival day until their departure day. See the -[ RecordSection ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) +[RecordSection](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) and -[ ContextRule ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) +[ContextRule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) topics for additional information. ![Schema - Default Application Period](/img/product_docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/datamodel_scalarrule_timeoffsetdefault.webp) @@ -595,7 +607,7 @@ following: | ------------------------------------------ | ------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Binding optional | Int64 | Defines the binding expression. | | ComparisonType default value: 0 | ComparisonType | Defines the comparison type for the computed value, when Usercube retrieves it from the managed system during synchronization, and compares it to the value stored in Usercube's database. 0 - CaseSensitive: compares words exactly as they are. 1 - IgnoreCase: ignores the difference between upper and lower case. 2 - IgnoreDiacritics: considers all letters with diacritics (é, à, ç) to be equivalent to their base letters (e, a, c...). 3 - Simplified: ignores diacritics, case and characters which are not letters. 4 - Approximate: does the same as Simplified but also ignores some spelling mistakes. Some letters are considered equivalent (Z and S, Y and I, W and V, K and C, SS and C). All H can be missing. A T, D or S can be missing at the very end. Finally, it ignores all duplicate letters (other than SS). There is no comparison for unmapped properties (IsMapped set to false). | -| Expression optional | String | Expression used to compute the target property specified in Property. See the [ Expressions ](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. for C# expressions, Usercube provides an implicit variable called "assignment" that contains basic information about the linked assigned resource type, i.e. StartDate, EndDate and ParametersValues. | +| Expression optional | String | Expression used to compute the target property specified in Property. See the [Expressions](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. for C# expressions, Usercube provides an implicit variable called "assignment" that contains basic information about the linked assigned resource type, i.e. StartDate, EndDate and ParametersValues. | | IsMapped default value: true | Boolean | True to use the scalar rule's computation to both provision the managed system and synchronize the property back to Usercube, thus both create and update. Otherwise, the scalar rule's computation is used only to provision the managed system and the property will be ignored during synchronization, thus create only. This way the property can never be displayed as non-conforming. IsMapped is usually set to false in order to adapt the configuration to the constraints of the managed system, when Usercube does not retrieve and/or update the property value. | | Policy required | Int64 | Identifier of the policy that the rule is part of. | | Property required | Int64 | Identifier of the scalar property to be computed. | @@ -611,12 +623,15 @@ resources are to be provisioned, i.e. written to the managed system. A resource type rule is defined by the child element `` of the `` element. -**NOTE:** The specification of several resource type rules for one resource type implies the union +:::note +The specification of several resource type rules for one resource type implies the union of all rules, i.e. the combination of all rules (and all sets of criteria) with an OR operator. +::: + ### Examples -With a dimension criterion +**With a dimension criterion** The following rule will assign an App1_Standard_Account resource (resource of type App1_Account) to any User whose organization dimension (dimension binded to column 0) identifier is Marketing. @@ -631,7 +646,7 @@ script in the command line. ``` -With a single role criterion +**With a single role criterion** In addition to dimensions, a single role can be used as a criterion for a rule. @@ -648,7 +663,7 @@ script in the command line. ``` -Without any criterion +**Without any criterion** Di and SingleRole conditions are not mandatory. A type rule with no condition entails the creation of an AssignedResourceType, and hence of a target resource (from the target entity type), for every diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/user-interface/displaypropertygroup/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/user-interface/displaypropertygroup/index.md index e18178e240..2116f49867 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/user-interface/displaypropertygroup/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/user-interface/displaypropertygroup/index.md @@ -14,7 +14,7 @@ The following example will group a specific set of properties together, when dis ``` - +**** Knowing that we have the following properties: ... diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/user-interface/form/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/user-interface/form/index.md index 53ab7e040b..c064bff7b0 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/user-interface/form/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/user-interface/form/index.md @@ -22,7 +22,7 @@ structured fields to fill. ... - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/workflows/aspects/assertvalueaspect/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/workflows/aspects/assertvalueaspect/index.md index 91f36f81d8..fa8647afdc 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/workflows/aspects/assertvalueaspect/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/workflows/aspects/assertvalueaspect/index.md @@ -66,14 +66,14 @@ return true;" Message_L1="A user cannot have more than one position simultaneous | Identifier required | String | Unique identifier of the aspect. | | Expression optional | String | C# expression returning a boolean, false to invalidate the property value. | | ExpressionBinding optional | String | Binding: - Defines the variable type used in the potential expressions specified in the aspect; - Whose difference with Binding defines the property involved in the aspect **NOTE:** Required when handling the property of multi-valued objects, for example records, to make sure to modify the property in all records and not only in one. | -| IfExpression optional | String | Expression that conditions the aspect execution. See the [ Expressions ](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. | +| IfExpression optional | String | Expression that conditions the aspect execution. See the [Expressions](/docs/identitymanager/6.1/integration-guide/toolkit/expressions/index.md) topic for additional information. | | Message_L1 optional | String | Message in language 1 (up to 16) to be displayed when the property is invalidated by the condition specified in Expression. | | Priority default value: 0 | Int32 | Execution priority among all aspects. At a given activity state, the aspect with the highest priority will be triggered first. **NOTE:** The priority can be a negative value. | ## Child Element: PointCut A pointcut is a mechanism telling Usercube when to execute the linked aspect. See the -[ Aspects ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/workflows/aspects/index.md) +[Aspects](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/workflows/aspects/index.md) topic for additional information. The position of the pointcut is specified by an activity state and a mode (before or after). diff --git a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md index e1c70bcb19..836599538b 100644 --- a/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md +++ b/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md @@ -114,7 +114,7 @@ We want to check the unicity of the new user's login, compared with the logins o ``` - +**** ``` @@ -171,7 +171,7 @@ not add the domain part, and the target expression removes the domain part from ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/ui/how-tos/custom-search-bar/index.md b/docs/identitymanager/6.1/integration-guide/ui/how-tos/custom-search-bar/index.md index c3eb8629a7..0c01e7755d 100644 --- a/docs/identitymanager/6.1/integration-guide/ui/how-tos/custom-search-bar/index.md +++ b/docs/identitymanager/6.1/integration-guide/ui/how-tos/custom-search-bar/index.md @@ -40,7 +40,7 @@ To add a default filter, you must add both of the following properties to a ``` - +**** ``` diff --git a/docs/identitymanager/6.1/integration-guide/ui/how-tos/producttranslations/index.md b/docs/identitymanager/6.1/integration-guide/ui/how-tos/producttranslations/index.md index 8e2e229b06..4013d17499 100644 --- a/docs/identitymanager/6.1/integration-guide/ui/how-tos/producttranslations/index.md +++ b/docs/identitymanager/6.1/integration-guide/ui/how-tos/producttranslations/index.md @@ -15,7 +15,7 @@ a configured component. The translations are given to Usercube in a JSON file, through the configuration deployment tool. This section first explains how to write the JSON file, then how to use it with the deployment tool. -JSON translation file format +**JSON translation file format** Example with the translation keys`accessCertificationReview.recommendation.manuallyAuthorized`, `app.common.button.create.label` and `app.common.labels.whenCreated`: @@ -35,7 +35,7 @@ The JSON file must only contain string properties: no object, array or number. The properties' name must match the wanted translation keys. -Find the translation keys +**Find the translation keys** A translation key is an identifier for a given translation: Usercube uses those keys to find the translation it needs in the interface. diff --git a/docs/identitymanager/6.1/integration-guide/workflows/how-to/workflow-create-mono/index.md b/docs/identitymanager/6.1/integration-guide/workflows/how-to/workflow-create-mono/index.md index a68bb728f6..d9196976bc 100644 --- a/docs/identitymanager/6.1/integration-guide/workflows/how-to/workflow-create-mono/index.md +++ b/docs/identitymanager/6.1/integration-guide/workflows/how-to/workflow-create-mono/index.md @@ -136,7 +136,7 @@ for the whole creation request and review from the previously created workflow: ``` - +**** Permissions for the Request activity: diff --git a/docs/identitymanager/6.1/integration-guide/workflows/how-to/workflow-create-multi/index.md b/docs/identitymanager/6.1/integration-guide/workflows/how-to/workflow-create-multi/index.md index 0fb259b3a2..9f858cd8f5 100644 --- a/docs/identitymanager/6.1/integration-guide/workflows/how-to/workflow-create-multi/index.md +++ b/docs/identitymanager/6.1/integration-guide/workflows/how-to/workflow-create-multi/index.md @@ -141,7 +141,7 @@ for the whole creation request and review from the previously created workflow: ``` - +**** Permissions for the Request activity: diff --git a/docs/identitymanager/6.1/introduction-guide/overview/index.md b/docs/identitymanager/6.1/introduction-guide/overview/index.md index a3b66b9bb8..dabdbdf4f6 100644 --- a/docs/identitymanager/6.1/introduction-guide/overview/index.md +++ b/docs/identitymanager/6.1/introduction-guide/overview/index.md @@ -27,7 +27,7 @@ We could explain Usercube's purpose like this: **Typically, Usercube manages entitlements automatically according to a user's needs, for example Active Directory group memberships.** ---- +**---** **First, we need to manage identities.** @@ -48,7 +48,7 @@ required for IGA-related data flows. [See more details on identity management and connection between systems](/docs/identitymanager/6.1/introduction-guide/overview/identity-management/index.md). ---- +**---** **Then, we need to manage entitlements, in other words access rights, or permissions.** @@ -66,7 +66,7 @@ rules. ![Calculation](/img/product_docs/identitymanager/6.1/introduction-guide/overview/overview_calculation.webp) ---- +**---** **Finally, we need to actually give identities their entitlements and then govern them.** diff --git a/docs/identitymanager/6.1/migration-guide/5.0.x-to-5.1/index.md b/docs/identitymanager/6.1/migration-guide/5.0.x-to-5.1/index.md index 5c7ead56bb..bb0ac09acc 100644 --- a/docs/identitymanager/6.1/migration-guide/5.0.x-to-5.1/index.md +++ b/docs/identitymanager/6.1/migration-guide/5.0.x-to-5.1/index.md @@ -64,7 +64,7 @@ connectors too before importing configuration. ``` - +**** ``` diff --git a/docs/identitymanager/6.1/migration-guide/5.1.0to5.1.1/index.md b/docs/identitymanager/6.1/migration-guide/5.1.0to5.1.1/index.md index e47e19f14c..dd1270f227 100644 --- a/docs/identitymanager/6.1/migration-guide/5.1.0to5.1.1/index.md +++ b/docs/identitymanager/6.1/migration-guide/5.1.0to5.1.1/index.md @@ -127,13 +127,13 @@ New Settings: #### [Optional Settings](/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/general-purpose/index.md) -All working directories are optional in 5.1.1 +**All working directories are optional in 5.1.1** ## Agent Settings #### [Optional Settings](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings/index.md) -All working directories are optional in 5.1.1 +**All working directories are optional in 5.1.1** ## [Logger Settings](/docs/identitymanager/6.1/integration-guide/monitoring/index.md) @@ -144,7 +144,7 @@ Old Settings: ``` "Logging": { "IncludeScopes": false, "LogLevel": { "Default": "Error", "Usercube": "Information" }, -"Serilog": { "WriteTo": [ { "Name": "Console" } ] } } +"Serilog": { "WriteTo": [{ "Name": "Console" }] } } ```` diff --git a/docs/identitymanager/6.1/migration-guide/index.md b/docs/identitymanager/6.1/migration-guide/index.md index a4f598d132..6406d89042 100644 --- a/docs/identitymanager/6.1/migration-guide/index.md +++ b/docs/identitymanager/6.1/migration-guide/index.md @@ -15,7 +15,7 @@ For example from 6.0.215 to 6.0.216. For a migration between versions with major changes, check this guide's subsections. For example see the -[ 5.2.X to 6.0 ](/docs/identitymanager/6.1/migration-guide/5.2.xto6.0/index.md) topic +[5.2.X to 6.0](/docs/identitymanager/6.1/migration-guide/5.2.xto6.0/index.md) topic for additional information on migration. ## Upgrade the Server Only for a Minor Migration diff --git a/docs/identitymanager/6.1/user-guide/administrate/index.md b/docs/identitymanager/6.1/user-guide/administrate/index.md index 2f76b3e4d9..efc2e9c88e 100644 --- a/docs/identitymanager/6.1/user-guide/administrate/index.md +++ b/docs/identitymanager/6.1/user-guide/administrate/index.md @@ -17,7 +17,7 @@ sidebar_position: 30 - #### [Provision](/docs/identitymanager/6.1/user-guide/administrate/provisioning/index.md) - How to write to a managed system +**How to write to a managed system** - #### [Review Provisioning](/docs/identitymanager/6.1/user-guide/administrate/provisioning/provisioning-review/index.md) How to review provisioning orders before generation.- #### diff --git a/docs/identitymanager/6.1/user-guide/administrate/provisioning/index.md b/docs/identitymanager/6.1/user-guide/administrate/provisioning/index.md index 7bf3298348..6e8ab5b251 100644 --- a/docs/identitymanager/6.1/user-guide/administrate/provisioning/index.md +++ b/docs/identitymanager/6.1/user-guide/administrate/provisioning/index.md @@ -24,9 +24,9 @@ When modeling your connectors, you had to decide what data you wanted Usercube t external systems. You configured your connectors, and among other things you chose the appropriate connections and packages, to manage identities and their entitlements by writing directly to the managed systems. This is done through said connectors' provisioning capabilities. See the -[ Model the Data ](/docs/identitymanager/6.1/user-guide/set-up/connect-system/connector-modeling/index.md) +[Model the Data](/docs/identitymanager/6.1/user-guide/set-up/connect-system/connector-modeling/index.md) and -[ Create a Connection ](/docs/identitymanager/6.1/user-guide/set-up/connect-system/connection-creation/index.md) +[Create a Connection](/docs/identitymanager/6.1/user-guide/set-up/connect-system/connection-creation/index.md) topics for additional information. When changes are performed on identity data, entitlements or the role model inside Usercube, @@ -35,9 +35,9 @@ These changes can be written automatically or manually. Manual provisioning is u humans and make them act on the external systems, instead of Usercube. Automatic provisioning is used to minimize human intervention and trust Usercube with role model enforcement in external systems. See the -[ Provision Manually ](/docs/identitymanager/6.1/user-guide/administrate/provisioning/manual-provisioning/index.md) +[Provision Manually](/docs/identitymanager/6.1/user-guide/administrate/provisioning/manual-provisioning/index.md) and -[ Provision Automatically ](/docs/identitymanager/6.1/user-guide/administrate/provisioning/automatic-provisioning/index.md)topics +[Provision Automatically](/docs/identitymanager/6.1/user-guide/administrate/provisioning/automatic-provisioning/index.md)topics for additional information. ### Provisioning states @@ -60,9 +60,9 @@ Here is the list of provisioning states and their description: These states are detailed with their transitions on the individual pages specific to provisioning review, manual provisioning and automated provisioning. See the -[ Entitlement Assignment ](/docs/identitymanager/6.1/integration-guide/role-assignment/assignments-of-entitlements/index.md) +[Entitlement Assignment](/docs/identitymanager/6.1/integration-guide/role-assignment/assignments-of-entitlements/index.md) and -[ Review Provisioning ](/docs/identitymanager/6.1/user-guide/administrate/provisioning/provisioning-review/index.md) +[Review Provisioning](/docs/identitymanager/6.1/user-guide/administrate/provisioning/provisioning-review/index.md) topics for additional information. ### Provisioning review @@ -71,14 +71,14 @@ For security purposes, provisioning orders sometimes need to be reviewed before the managed system. Then, a user with the right entitlements accesses the **Provisioning Review** page. Users can either approve provisioning orders that will then be unblocked and finally propagated, or they can decline orders that will subsequently be ignored. See the -[ Configure a User Profile ](/docs/identitymanager/6.1/user-guide/set-up/user-profile-configuration/index.md)topic +[Configure a User Profile](/docs/identitymanager/6.1/user-guide/set-up/user-profile-configuration/index.md)topic for additional information. The review prior to the provisioning of entitlement assignments is usually performed based on the resource type of given identities. For example, the assignment of sensitive entitlements will require a review before being provisioned, whereas basic rights can be assigned at once. Therefore, resources must be carefully classified beforehand. See the -[ Classify Resources ](/docs/identitymanager/6.1/user-guide/set-up/categorization/classification/index.md) +[Classify Resources](/docs/identitymanager/6.1/user-guide/set-up/categorization/classification/index.md) topic for additional information. ## Participants and Artifacts @@ -90,11 +90,11 @@ This operation should be performed in cooperation with the staff in charge of ma | Connector's data model (required) Classified resources (required) Provisioning Rules (required) Role catalog (required) | Provisioned system | See the -[ Model the Data ](/docs/identitymanager/6.1/user-guide/set-up/connect-system/connector-modeling/index.md), -[ Classify Resources ](/docs/identitymanager/6.1/user-guide/set-up/categorization/classification/index.md), -[ Create a Provisioning Rule ](/docs/identitymanager/6.1/user-guide/set-up/provisioning-rule-creation/index.md), +[Model the Data](/docs/identitymanager/6.1/user-guide/set-up/connect-system/connector-modeling/index.md), +[Classify Resources](/docs/identitymanager/6.1/user-guide/set-up/categorization/classification/index.md), +[Create a Provisioning Rule](/docs/identitymanager/6.1/user-guide/set-up/provisioning-rule-creation/index.md), and -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.1/user-guide/set-up/single-roles-catalog-creation/index.md) +[Create Roles in the Role Catalog](/docs/identitymanager/6.1/user-guide/set-up/single-roles-catalog-creation/index.md) topics for additional information. ## Perform Provisioning diff --git a/docs/identitymanager/6.1/user-guide/deploy/authentication/index.md b/docs/identitymanager/6.1/user-guide/deploy/authentication/index.md index 1b7a96a06b..b21e0e6ead 100644 --- a/docs/identitymanager/6.1/user-guide/deploy/authentication/index.md +++ b/docs/identitymanager/6.1/user-guide/deploy/authentication/index.md @@ -7,5 +7,5 @@ sidebar_position: 30 # Set Up User Authentication How to allow end-users to authenticate and use the Usercube application. See the -[ End-User Authentication ](/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md) +[End-User Authentication](/docs/identitymanager/6.1/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md) topic for additional information. diff --git a/docs/identitymanager/6.1/user-guide/deploy/production-agent-installation/settings-files/index.md b/docs/identitymanager/6.1/user-guide/deploy/production-agent-installation/settings-files/index.md index f724dfc2fe..585f3f8836 100644 --- a/docs/identitymanager/6.1/user-guide/deploy/production-agent-installation/settings-files/index.md +++ b/docs/identitymanager/6.1/user-guide/deploy/production-agent-installation/settings-files/index.md @@ -32,7 +32,7 @@ Configure the agent's settings by proceeding as follows: ``` - web.config +**web.config** ... ... @@ -46,35 +46,27 @@ Configure the agent's settings by proceeding as follows: - **IdentityServer** contains the encryption certificate's path and password provided by NETWRIX' team, in order to secure agent/server identification; - > For example: - > - > ``` - > - > appsettings.json - > - > "IdentityServer": { - > "X509KeyFilePath": "./identitymanager.pfx", - > "X509KeyFilePassword": "secret" - > } - > - > ``` + For example (in `appsettings.json`): + + ```json + "IdentityServer": { + "X509KeyFilePath": "./identitymanager.pfx", + "X509KeyFilePassword": "secret" + } + ``` - you get an encryption certificate which will be used to encrypt specific files such as logs or temporary files, and that **EncryptionCertificate** contains its path and password; - > For example: - > - > ``` - > - > appsettings.json - > - > "EncryptionCertificate": { - > "File": "./identitymanager-Files.pfx", - > "Password": "secret", - > "EncryptFile": true - > } - > - > ``` + For example (in `appsettings.json`): + + ```json + "EncryptionCertificate": { + "File": "./identitymanager-Files.pfx", + "Password": "secret", + "EncryptFile": true + } + ``` **EncryptFile** can stay set to `false` while verifying the agent installation, but for security reasons it must be set to `true` afterwards. @@ -85,30 +77,24 @@ Configure the agent's settings by proceeding as follows: - **ApplicationUri** contains the server's address, provided by NETWRIX' team when working in a SaaS environment; - > For example: - > - > ``` - > - > appsettings.json - > - > "ApplicationUri": "http://localhost:5000" - > - > ``` + For example (in `appsettings.json`): + + ```json + "ApplicationUri": "http://localhost:5000" + ``` Do not write a `/` character at the end of the string. - **Cors** > **AllowAnyHeader**, **AllowAnyMethod** and **AllowCredentials** are set to `true`; - ``` - - appsettings.json - - "Cors": { - "AllowAnyHeader": "true", - "AllowAnyMethod": "true", - "AllowCredentials": "true" - } + For example (in `appsettings.json`): + ```json + "Cors": { + "AllowAnyHeader": "true", + "AllowAnyMethod": "true", + "AllowCredentials": "true" + } ``` 4. Open `appsettings.agent.json` and make sure that: @@ -117,149 +103,119 @@ Configure the agent's settings by proceeding as follows: configuration. [See more details](/docs/identitymanager/6.1/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md). - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "OpenId": { - > "AgentIdentifier": "MyAgent" - > } - > - > ``` - > - > With the following configuration: - > - > ``` - > - > - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "OpenId": { + "AgentIdentifier": "MyAgent" + } + ``` + + With the following configuration: + + For example (in XML): + + ```xml + + ``` - **OpenId** > **OpenIdClients** > **Job** contains the non-hashed value of the password of "Job-Remote" provided by NETWRIX' team� - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "OpenId": { - > "AgentIdentifier": "MyAgent", - > "OpenIdClients": { - > "Job": "secret" - > } - > } - > - > ``` - - � and add the hashed value of this password to the `OpenIdClient` named `Job` from the XML + For example (in `appsettings.agent.json`): + + ```json + "OpenId": { + "AgentIdentifier": "MyAgent", + "OpenIdClients": { + "Job": "secret" + } + } + ``` + + and add the hashed value of this password to the `OpenIdClient` named `Job` from the XML configuration; - > For example: - > - > ``` - > - > - > - > ``` + For example (in XML): + + ```xml + + ``` - **OpenId** > **DefaultOpenIdClient** is set to `Job`; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "OpenId": { - > "AgentIdentifier": "MyAgent", - > "OpenIdClients": { - > "Job": "secret" - > }, - > "DefaultOpenIdClient": "Job" - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "OpenId": { + "AgentIdentifier": "MyAgent", + "OpenIdClients": { + "Job": "secret" + }, + "DefaultOpenIdClient": "Job" + } + ``` - **PasswordResetSettings** > **TwoFactorSettings** > **ApplicationUri** contains the server's address, provided by NETWRIX' team when working in a SaaS environment; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "PasswordResetSettings": { - > "TwoFactorSettings": { - > "ApplicationUri": "http://localhost:5000" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "PasswordResetSettings": { + "TwoFactorSettings": { + "ApplicationUri": "http://localhost:5000" + } + } + ``` - **PasswordResetSettings** > **EncryptionCertificate** contains contains the path and password of the certificate used to secure password tokens; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "PasswordResetSettings": { - > "TwoFactorSettings": { - > "ApplicationUri": "http://localhost:5000" - > }, - > "EncryptionCertificate": { - > "File": "../identitymanager.pfx", - > "Password": "secret" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "PasswordResetSettings": { + "TwoFactorSettings": { + "ApplicationUri": "http://localhost:5000" + }, + "EncryptionCertificate": { + "File": "../identitymanager.pfx", + "Password": "secret" + } + } + ``` - **PasswordResetSettings** > **MailSettings** > **PickupDirectory** is set to the `Mails` folder and **FromAddress** to `no-reply@.com`; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "PasswordResetSettings": { - > "TwoFactorSettings": { - > "ApplicationUri": "http://localhost:5000" - > }, - > "EncryptionCertificate": { - > "File": "../identitymanager.pfx", - > "Password": "secret" - > }, - > "MailSettings": { - > "PickupDirectory": "../Mails", - > "FromAddress": "no-reply@contoso.com" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "PasswordResetSettings": { + "TwoFactorSettings": { + "ApplicationUri": "http://localhost:5000" + }, + "EncryptionCertificate": { + "File": "../identitymanager.pfx", + "Password": "secret" + }, + "MailSettings": { + "PickupDirectory": "../Mails", + "FromAddress": "no-reply@contoso.com" + } + } + ``` - **SourcesRootPaths** contains the path to the `Sources` folder. - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "SourcesRootPaths": [ - > "C:/identitymanager/Sources" - > ] - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "SourcesRootPaths": [ + "C:/identitymanager/Sources" + ] + ``` ## Next Steps diff --git a/docs/identitymanager/6.1/user-guide/optimize/non-conforming-assignment-review-automation/index.md b/docs/identitymanager/6.1/user-guide/optimize/non-conforming-assignment-review-automation/index.md index 38618520de..d17176c4bc 100644 --- a/docs/identitymanager/6.1/user-guide/optimize/non-conforming-assignment-review-automation/index.md +++ b/docs/identitymanager/6.1/user-guide/optimize/non-conforming-assignment-review-automation/index.md @@ -7,7 +7,7 @@ sidebar_position: 50 # Automate the Review of Non-conforming Assignments How to automate the review of non-conforming assignments through automation rules. See the -[ Review Non-conforming Assignments ](/docs/identitymanager/6.1/user-guide/administrate/non-conforming-assignment-review/index.md) +[Review Non-conforming Assignments](/docs/identitymanager/6.1/user-guide/administrate/non-conforming-assignment-review/index.md) and [Automation Rule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md) topics for additional information. @@ -41,9 +41,9 @@ team's entitlements. | Mastered non-conforming assignment review (required) Categorized accounts (optional) | Automated assignment review | See the -[ Review Non-conforming Assignments ](/docs/identitymanager/6.1/user-guide/administrate/non-conforming-assignment-review/index.md) +[Review Non-conforming Assignments](/docs/identitymanager/6.1/user-guide/administrate/non-conforming-assignment-review/index.md) and -[ Categorize Resources ](/docs/identitymanager/6.1/user-guide/set-up/categorization/index.md) +[Categorize Resources](/docs/identitymanager/6.1/user-guide/set-up/categorization/index.md) topics for additional information. ## Create an Automation Rule @@ -81,8 +81,11 @@ will be applied. - Workflow State — Workflow state of the assignments that need a decision. - Waiting Period — Time period since the last change in the assignments' workflow states. -_Remember,_ in a nutshell, this rule applies Decision to all assignments of Type (and matching all +:::tip +Remember, in a nutshell, this rule applies Decision to all assignments of Type (and matching all criteria), whose workflow state has been set to Workflow State for more than Waiting Period. +::: + ## Impact of Modifications diff --git a/docs/identitymanager/6.1/user-guide/set-up/user-profile-assignment/index.md b/docs/identitymanager/6.1/user-guide/set-up/user-profile-assignment/index.md index 845ac81a8f..7c92462159 100644 --- a/docs/identitymanager/6.1/user-guide/set-up/user-profile-assignment/index.md +++ b/docs/identitymanager/6.1/user-guide/set-up/user-profile-assignment/index.md @@ -12,9 +12,9 @@ How to assign Usercube's access permissions to users through profiles. All the permissions to access items in Usercube, and to perform given actions, are managed by assigning profiles to users and permissions to profiles. See the -[ AssignedProfile ](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) +[AssignedProfile](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) and -[ References: Permissions ](/docs/identitymanager/6.1/integration-guide/profiles-permissions/permissions/index.md) +[References: Permissions](/docs/identitymanager/6.1/integration-guide/profiles-permissions/permissions/index.md) topics for additional information. ![Schema - Profile Assignment](/img/product_docs/identitymanager/6.1/user-guide/set-up/user-profile-configuration/profiles_schema.webp) @@ -23,7 +23,7 @@ For example, the access to the list of users with their personal data is usually people, and the possibility to modify personal data restricted to HR managers. We define here a permission as an entitlement within Usercube. See the -[ Configure a User Profile ](/docs/identitymanager/6.1/user-guide/set-up/user-profile-configuration/index.md) +[Configure a User Profile](/docs/identitymanager/6.1/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. Users are assigned profiles according to the permissions they need to work, at least one profile per @@ -48,14 +48,14 @@ Integrators must have the knowledge of who must be able to access what within Us | Configured profiles (required) | Assigned profiles | See the -[ Configure a User Profile ](/docs/identitymanager/6.1/user-guide/set-up/user-profile-configuration/index.md) +[Configure a User Profile](/docs/identitymanager/6.1/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. ## Assign a Profile to an Account In the following section you will read about how to assign a profile to an account. -Manual assignment +**Manual assignment** Assign manually a profile to a user by proceeding as follows: @@ -78,7 +78,8 @@ section. - **Deny this Profile**: Option that forbids the profile assignment instead of applying it. - **Start Date** and **End Date**: Particularly useful for profile delegation. -**NOTE:** If filters are defined in the Access Rules, and are assigned to the profile, a +:::note +If filters are defined in the Access Rules, and are assigned to the profile, a **Criteria** section will appear containing them. Filters are conditions that, if met, trigger the Access Control Rule Application. The only filters which can be displayed in this section are filters related to dimensions or hard @@ -87,8 +88,10 @@ The filters are defined in the XML configuration on the access control rules. Th are a fusion of the filters of all the rules associated with the profile. See the [AccessControlRule](/docs/identitymanager/6.1/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) topic for additional information. +::: -Automatic assignment + +**Automatic assignment** The largest profiles with the most basic permissions (like a simple access to the application) concern many identities and are low-privileged. Thus integrators can set up profile assignment rules @@ -101,9 +104,12 @@ topic for additional information. Click on **Launch** to apply these profile rules. -**NOTE:** Profile rules can also be applied through the same button on the **Profiles** page, by +:::note +Profile rules can also be applied through the same button on the **Profiles** page, by clicking on **Settings** in the **Configuration** section, then on **General** > **Profiles** in the left menu. +::: + ## Delegate a Profile @@ -124,7 +130,7 @@ ensured by preventing unwanted entitlement delegation. In order to verify both profile configuration and assignment, check that a sample of users can effectively perform the actions allowed by their profiles. See the -[ Configure a User Profile ](/docs/identitymanager/6.1/user-guide/set-up/user-profile-configuration/index.md) +[Configure a User Profile](/docs/identitymanager/6.1/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. A functioning and well-assigned profile must not trigger 403 errors in the server logs, nor in the diff --git a/docs/identitymanager/6.1/whatsnew/index.md b/docs/identitymanager/6.1/whatsnew/index.md index a7b6b3d0ee..5c69f46d9c 100644 --- a/docs/identitymanager/6.1/whatsnew/index.md +++ b/docs/identitymanager/6.1/whatsnew/index.md @@ -17,7 +17,7 @@ Usercube version. ## Netwrix Usercube v6.1 Released 8-Apr-2024 -Major Highlights +**Major Highlights** - New bulk features are available for the administration screens listed below. To use, filter to select the desired elements, click on the new **Bulk** button, and choose from the presented @@ -37,7 +37,7 @@ Major Highlights - Logs / Performance / Security - Improved error messages. -Other Enhancements +**Other Enhancements** - The Usercube-Manage-History.exe now handles large databases when the `purge-before-date` and the `purge-before-months` parameters are used. diff --git a/docs/identitymanager/6.1/whatsnew/olderversions/index.md b/docs/identitymanager/6.1/whatsnew/olderversions/index.md index ceeece7dcb..125c6e6757 100644 --- a/docs/identitymanager/6.1/whatsnew/olderversions/index.md +++ b/docs/identitymanager/6.1/whatsnew/olderversions/index.md @@ -8,7 +8,7 @@ sidebar_position: 10 ## Version 5.2.3.19 -Release date 10-Oct-2022 +**Release date 10-Oct-2022** #### Enhancements @@ -35,7 +35,7 @@ Release date 10-Oct-2022 ## Version 5.2.3.17 -Release date 27-Sep-2022 +**Release date 27-Sep-2022** #### Fixed Bugs: @@ -66,7 +66,7 @@ Release date 27-Sep-2022 ## Version 5.2.3.16 -Release date 12-Sep-2022 +**Release date 12-Sep-2022** #### Enhancements: @@ -123,7 +123,7 @@ Release date 12-Sep-2022 ## Version 5.2.3.12 -Release date 28-Jul-2022 +**Release date 28-Jul-2022** #### Enhancements: @@ -224,7 +224,7 @@ Release date 28-Jul-2022 ## Version 5.2.3.03 -Release date 3-Jun-2022 +**Release date 3-Jun-2022** #### Fixed Bugs: @@ -241,7 +241,7 @@ Release date 3-Jun-2022 ## Version 5.2.3.02 -Release date 31-May-2022 +**Release date 31-May-2022** ### **Compatibility notice:** @@ -301,7 +301,7 @@ for more information. ## Version 5.2.3.01 - Release Candidate -Release date 17-May-2022 +**Release date 17-May-2022** ### **Compatibility notice:** @@ -461,7 +461,7 @@ for more information. ## Version 5.2.2.7 -Release date 12-Apr-2022 +**Release date 12-Apr-2022** #### Fixed bugs: @@ -522,7 +522,7 @@ Release date 12-Apr-2022 ## Version 5.2.2.1 - Commercial Release -Release date 24-Feb-2022 +**Release date 24-Feb-2022** ### **Compatibility notice:** @@ -559,7 +559,7 @@ be followed. ## Version 5.2.2.0 - Release Candidate -Release date 10-Feb-2022 +**Release date 10-Feb-2022** #### Enhancements: @@ -766,7 +766,7 @@ Release date 10-Feb-2022 ## Version 5.2.1.3 -Release date 26-Jan-2022 +**Release date 26-Jan-2022** #### Fixed bugs: @@ -798,7 +798,7 @@ Release date 26-Jan-2022 ## Version 5.2.1.1 -Release date 14-Jan-2022 +**Release date 14-Jan-2022** #### Fixed bugs: @@ -875,7 +875,7 @@ Release date 14-Jan-2022 ## Version 5.1.7.17 -Release date 22-Dec-2021 +**Release date 22-Dec-2021** #### Fixed Bugs: @@ -885,7 +885,7 @@ Release date 22-Dec-2021 ## Version 5.1.7.16 -Release date 09-Dec-2021 +**Release date 09-Dec-2021** #### Fixed Bugs: @@ -894,7 +894,7 @@ Release date 09-Dec-2021 ## Version 5.1.7.15 -Release date 06-Dec-2021 +**Release date 06-Dec-2021** #### Fixed Bugs: @@ -904,7 +904,7 @@ Release date 06-Dec-2021 ## Version 5.1.7.14 -Release date 29-Nov-2021 +**Release date 29-Nov-2021** #### Fixed Bugs: @@ -925,7 +925,7 @@ Release date 29-Nov-2021 ## Version 5.1.7.13 -Release date 10-Nov-2021 +**Release date 10-Nov-2021** #### Fixed Bugs: @@ -944,7 +944,7 @@ Release date 10-Nov-2021 ## Version 5.1.7.12 -Release date 27-Oct-2021 +**Release date 27-Oct-2021** #### Fixed Bugs: @@ -958,7 +958,7 @@ Release date 27-Oct-2021 ## Version 5.2.1.0 -Release date 21-Oct-2021 +**Release date 21-Oct-2021** ### **Compatibility notice:** @@ -1115,7 +1115,7 @@ be followed. ## Version 5.2.0.8 -Release date 12-Oct-2021 +**Release date 12-Oct-2021** #### Fixed Bugs: @@ -1165,7 +1165,7 @@ Release date 12-Oct-2021 ## Version 5.1.7.11 -Release date 24-Sep-2021 +**Release date 24-Sep-2021** #### Fixed Bugs: @@ -1201,7 +1201,7 @@ Release date 24-Sep-2021 ## Version 5.2.0.6 -Release date 30-Aug-2021 +**Release date 30-Aug-2021** ### **Migration notice:** @@ -1265,7 +1265,7 @@ There is no migration to be done from version 5.2.0.2. ## Version 5.1.7.10 -Release date 4-Aug-2021 +**Release date 4-Aug-2021** #### Fixed Bugs: @@ -1336,7 +1336,7 @@ Release date 4-Aug-2021 ## Version 5.2.0.2 -Release date 23-Jul-21 +**Release date 23-Jul-21** ### **Compatibility notice:** @@ -1646,7 +1646,7 @@ be followed. ## Version 5.1.7.9 -Release date 24-Jun-2021 +**Release date 24-Jun-2021** #### Fixed Bugs: @@ -1684,7 +1684,7 @@ Release date 24-Jun-2021 ## Version 5.1.7.8 -Release date 7-Jun-2021 +**Release date 7-Jun-2021** #### Mini migration: @@ -1694,12 +1694,12 @@ configured in the appsettings, no change is necessary. See the first bug below f #### Enhancements: -Connectors and Integrations +**Connectors and Integrations** - The Usercube-Discover-ActiveDirectory tool has been enhanced to determine the domain controller closest to the agent. -Logs/Performance/Security +**Logs/Performance/Security** - Certain, less important, "Warning" messages displayed in the logs have been downgraded to the debug level. @@ -1757,7 +1757,7 @@ Logs/Performance/Security ## Version 5.1.7.7 -Release date: 18-May-2021 +**Release date: 18-May-2021** #### Fixed Bugs: @@ -1801,7 +1801,7 @@ Release date: 18-May-2021 ## Version 5.1.7.6 -Release date: 20-Apr-2021 +**Release date: 20-Apr-2021** #### Fixed Bugs: @@ -1832,7 +1832,7 @@ Release date: 20-Apr-2021 ## Version 5.1.7.5 -Release date: 30-Mar-2021 +**Release date: 30-Mar-2021** #### Enhancements: @@ -1901,7 +1901,7 @@ Whenever the value of this property changes for a resource used in the defined n ## Version 5.1.7.4 -Release date: 16-Mar-2021 +**Release date: 16-Mar-2021** #### Fixed bugs: @@ -1909,7 +1909,7 @@ Release date: 16-Mar-2021 ## Version 5.1.7.3 -Release date: 12-Mar-2021 +**Release date: 12-Mar-2021** #### Fixed bugs: @@ -1953,7 +1953,7 @@ Release date: 12-Mar-2021 ## Version 5.1.7.2 -Release date: 26-Feb-2021 +**Release date: 26-Feb-2021** #### Fixed bugs: @@ -1974,7 +1974,7 @@ Release date: 26-Feb-2021 ## Version 5.1.7.1 -Release date: 19-Feb-2021 +**Release date: 19-Feb-2021** #### Fixed bugs: @@ -2064,7 +2064,7 @@ Release date: 19-Feb-2021 } } - return arguments;" > +**return arguments;" >** ``` @@ -2077,7 +2077,7 @@ Release date: 19-Feb-2021 ## Version 5.1.7 -Release date: 14-Jan-2021 +**Release date: 14-Jan-2021** ### **Compatibility notice:** @@ -2139,7 +2139,7 @@ therefore be followed IN THE ORDER INDICATED. ``` - and / or +**and / or** ``` @@ -2303,7 +2303,7 @@ therefore be followed IN THE ORDER INDICATED. ## Version 5.1.6.2 -Release date: 9-Feb-2021 +**Release date: 9-Feb-2021** #### Fixed bugs: @@ -2316,7 +2316,7 @@ Release date: 9-Feb-2021 ## Version 5.1.6.1 -Release date: 8-Jan-2021 +**Release date: 8-Jan-2021** #### Fixed bugs: @@ -2337,7 +2337,7 @@ Release date: 8-Jan-2021 ## Version 5.1.6 -Release date: 16-Nov-2020 +**Release date: 16-Nov-2020** ### **Compatibility notice:** @@ -2626,7 +2626,7 @@ To continue to use the Usercube certificate in non-production environments, add ## Version 5.1.5.1 -Release date 2020-10-05 +**Release date 2020-10-05** #### Fixed bugs: @@ -2649,7 +2649,7 @@ Release date 2020-10-05 ## Version 5.1.5 -Release date: 2020-09-15 +**Release date: 2020-09-15** ### **Compatibility notice:** @@ -2687,7 +2687,7 @@ therefore be followed IN THE ORDER INDICATED. #### Enhancements: -New UI features +**New UI features** - New display indicators are available to indicate certain resource attributes (for example: VIP, External, High Risk etc). @@ -2739,7 +2739,7 @@ New UI features - On the Resource Reconciliation page, when the resource type is changed and parameters are needed, Usercube now prompts for parameter values. -New Job features +**New Job features** - Within a job, multiple tasks with the same level indication can now be executed at the same time. See the documentation for more information Home > Integration Guide > References > Data model > @@ -2755,7 +2755,7 @@ New Job features Configure Usercube Jobs > Synchronization Complete or search for the attribute `TaskDependsOnTask` for more information. -Other new items +**Other new items** - Because mail settings are unique to each environment, mailSettings have been moved from the database to the appsettings configuration. In order to migrate and preserve existing mailSettings, @@ -2783,7 +2783,7 @@ Other new items #### Fixed bugs: -UI Corrections +**UI Corrections** - In email notifications, the password font has been changed so the characters are clearer. - When a login is incorrect, better error messages are now shown. @@ -2838,7 +2838,7 @@ UI Corrections - Composite and single role metadata have been added to the access review module which permits, among other things, the filtering of access review items. -Security and performance corrections +**Security and performance corrections** - The InvokeSQLCommandTask now correctly interprets the LogLevel that has been indicated. - A series of optimizations have been made for connector synchronizations. @@ -2851,7 +2851,7 @@ Security and performance corrections - Change the default value for the BlockProvisioning attribute of ComputeRoleModelTask, from false to true in order to prevent unexpected fulfillments. -Configuration Deployment +**Configuration Deployment** - When deploying the conf, if the arguments �configuration-directory and �database-connection-string are missing, the exception is now thrown correctly. @@ -2863,7 +2863,7 @@ Configuration Deployment - Harmonization of similar attributes: FilesAreEncrypted in the MappingPath scaffolding argument has been switched to FilesAreNotEncrypted. -Other corrections +**Other corrections** - Correction for regression in Windows SSO authentication - The InvokeSQLServer jobs now correctly abort when the user clicks on the �Stop' button during a @@ -2917,7 +2917,7 @@ Reconcilation. They will be back in version 5.1.6. ## Version 5.1.4.2 -Release date: 2020-08-12 +**Release date: 2020-08-12** #### Fixed bugs: @@ -2928,7 +2928,7 @@ Release date: 2020-08-12 ## Version 5.1.4.1 -Release date: 2020-07-31 +**Release date: 2020-07-31** #### Fixed bugs: @@ -2939,7 +2939,7 @@ Release date: 2020-07-31 ## Version 5.1.4 -Release date: 2020-07-24 +**Release date: 2020-07-24** ### **Compatibility notice:** @@ -3166,7 +3166,7 @@ therefore be followed. ## Version 5.1.3.1 -Release date: 2020-06-15 +**Release date: 2020-06-15** #### Fixed bugs: @@ -3185,7 +3185,7 @@ Release date: 2020-06-15 - Several ResourceTypes can now be provisioned at the same time. - Solution for an intermittent problem where encrypted logs were truncated, preventing decryption. -Release date: 2020-06-02 +**Release date: 2020-06-02** ### **Compatibility notice:** @@ -3433,7 +3433,7 @@ therefore be followed. ## Version 5.1.2 -Release date: 2020-04-10 +**Release date: 2020-04-10** ### **Compatibility notice:** @@ -3647,7 +3647,7 @@ therefore be followed. ## Version 5.1.1 -Release date: 2020-03-03 +**Release date: 2020-03-03** ### **Compatibility notice:** @@ -3744,7 +3744,7 @@ therefore be followed. ## Version 5.1.0 -Release date: 2020-01-20 +**Release date: 2020-01-20** ### **Compatibility notice:** diff --git a/docs/identitymanager/6.2/installation-guide/index.md b/docs/identitymanager/6.2/installation-guide/index.md index a0329085ec..55f99a5c65 100644 --- a/docs/identitymanager/6.2/installation-guide/index.md +++ b/docs/identitymanager/6.2/installation-guide/index.md @@ -21,5 +21,5 @@ Required knowledge includes: ## Overview The installation of Identity Manager requires architectural decisions to be made. An -[ Overview ](/docs/identitymanager/6.2/installation-guide/overview/index.md) of the architecture and available configurations will help you make +[Overview](/docs/identitymanager/6.2/installation-guide/overview/index.md) of the architecture and available configurations will help you make informed decisions. diff --git a/docs/identitymanager/6.2/installation-guide/overview/index.md b/docs/identitymanager/6.2/installation-guide/overview/index.md index c633b8daea..539af169b5 100644 --- a/docs/identitymanager/6.2/installation-guide/overview/index.md +++ b/docs/identitymanager/6.2/installation-guide/overview/index.md @@ -61,7 +61,7 @@ Identity Manager needs the following data flows to be enabled: connectors. This requirement only applies to a few specific **administrator type profiles**. - The **Server** and the **Agent** both need to access an **SMTP server** to - [ Send Notifications ](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md). + [Send Notifications](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md). ## SaaS vs. On-Premise @@ -70,7 +70,7 @@ Identity Manager comes in two flavors: SaaS and On-Premise. - The **SaaS** offering only requires the Agent to be installed on your organization network. - The **On-Premise** offering requires the Agent, the [Install the Server](/docs/identitymanager/6.2/installation-guide/production-ready/server/index.md), and the - [ Install the Database ](/docs/identitymanager/6.2/installation-guide/production-ready/database/index.md) to be installed. + [Install the Database](/docs/identitymanager/6.2/installation-guide/production-ready/database/index.md) to be installed. See the [ Install the Agents](/docs/identitymanager/6.2/installation-guide/production-ready/agent/index.md) topics for additional information. @@ -115,7 +115,7 @@ additional information. ## Email Server Identity Manager sends notifications to users by email. An email server will have to be set up for -the Agent and the Server. See the [ Send Notifications ](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md) +the Agent and the Server. See the [Send Notifications](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md) topic for additional information. Before you check out the installation steps, make sure that all the diff --git a/docs/identitymanager/6.2/installation-guide/production-ready/agent/index.md b/docs/identitymanager/6.2/installation-guide/production-ready/agent/index.md index 803740dbde..8e579da4d6 100644 --- a/docs/identitymanager/6.2/installation-guide/production-ready/agent/index.md +++ b/docs/identitymanager/6.2/installation-guide/production-ready/agent/index.md @@ -11,13 +11,16 @@ your case, and the server is already installed, no need to go further. If, on th need separate agents, or if you are installing Identity Manager's agents within Identity Manager's SaaS offering, this is the way to go. -**NOTE:** Please make sure that Identity Manager's agent requirements are met before going further. -See the[ Agent ](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) topic for additional information. +:::note +Please make sure that Identity Manager's agent requirements are met before going further. +See the[Agent](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) topic for additional information. +::: + ## Agent Working Directory The agent runtime content should be extracted from the runtime archive following the instructions -provided in the [ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic. +provided in the [Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic. In the separate agent setup, the agent is usually installed on a different workstation from the server. @@ -30,8 +33,11 @@ topic for additional information. It is recommended to run the Identity Manager agent as an IIS website. -_Remember,_ to install Identity Manager's agent as a Windows service, see the -[ Agent ](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) topic for additional information. +:::tip +Remember, to install Identity Manager's agent as a Windows service, see the +[Agent](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) topic for additional information. +::: + Adding Identity Manager's agent as an IIS website can be achieved with the [Internet Information Services (IIS) Manager](https://www.iis.net/) which can be launched with the @@ -109,7 +115,7 @@ higher) to be able to run dotnet application. ## Select an Agent Identity The agent, through Identity Manager's server IIS Website, should be assigned a service account with -the relevant permissions. See the [ Agent ](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) topic +the relevant permissions. See the [Agent](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) topic for additional information. You can either: @@ -204,7 +210,7 @@ Up to four folders have to be considered: - the provisioning orders directory, usually `C:/identitymanager/Temp` (same as for the data collection directory). -See the[ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and +See the[Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -251,7 +257,7 @@ information. The working directory permissions are all set. The same steps have to be performed on the runtime, the data collection and the provisioning orders -directories. See the[ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and +directories. See the[Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -307,12 +313,10 @@ appsettings.agent.json   ...   "Connections": {     "ADExport": { -        "Servers": [ -          { +        "Servers": [{            "Server": "",            "BaseDN": "" -          } -        ], +          }],         "AuthType": "",         "Login": "",         "Password": "", @@ -328,10 +332,13 @@ appsettings.agent.json } ``` -_Remember,_ storing sensitive managed system data in configuration files, such as login/password +:::tip +Remember, storing sensitive managed system data in configuration files, such as login/password pairs, is strongly discouraged. Sensitive data should be protected by one of the credentials protection methods. See the[Connectors](/docs/identitymanager/6.2/integration-guide/connectors/index.md) topic for additional information. +::: + ## Encryption Key Pair @@ -395,7 +402,7 @@ hence the X509KeyFilePassword attribute. Storing a `.pfx` file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -444,12 +451,12 @@ The connection to Identity Manager's server can be configured through: - OpenIdClients and DefaultOpenIdClient must be used to set the agent's credentials to connect to the server; See the [appsettings.agent](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) - and[ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) + and[OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topics for additional information. Their content should be provided by the integration team, in relation to the OpenIdClient tag in the applicative configuration. See -the[ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) +the[OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. The following example shows an appsettings.agent.json file that sets an agent to connect to Identity @@ -472,8 +479,11 @@ script in the command line. } ``` -_Remember,_ storing plain text passwords in configuration files is strongly discouraged. Sensitive +:::tip +Remember, storing plain text passwords in configuration files is strongly discouraged. Sensitive passwords should be encrypted. +::: + ## Install the Agent as a Windows Service @@ -490,8 +500,11 @@ script in the command line. sc.exe create Usercube binpath= "" displayname= "" start= auto obj= "" password= "" ``` -_Remember,_ make sure to include a space between each parameter's equal sign (=) and the parameter +:::tip +Remember, make sure to include a space between each parameter's equal sign (=) and the parameter value. +::: + ## Configure the Starting Mode in IIS (optional) @@ -534,4 +547,4 @@ from being launched. ## What's Next? The last step in the installation process is setting up an Email server. See the -[ Send Notifications ](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md) topic for additional information. +[Send Notifications](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md b/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md index 61b7542a96..d7f57c8152 100644 --- a/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md +++ b/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md @@ -46,7 +46,7 @@ Here is an example with an external SMTP server. ``` -appsettings.json +**appsettings.json** { ... diff --git a/docs/identitymanager/6.2/installation-guide/production-ready/index.md b/docs/identitymanager/6.2/installation-guide/production-ready/index.md index 72a7083b4a..96463b0263 100644 --- a/docs/identitymanager/6.2/installation-guide/production-ready/index.md +++ b/docs/identitymanager/6.2/installation-guide/production-ready/index.md @@ -8,7 +8,7 @@ sidebar_position: 40 This guide leads the reader through the steps to install Identity Manager for production purposes. -**1.\_\_**Before proceeding\_\_, you should go through the [ Overview ](/docs/identitymanager/6.2/installation-guide/overview/index.md) and +**1.\_\_**Before proceeding\_\_, you should go through the [Overview](/docs/identitymanager/6.2/installation-guide/overview/index.md) and [Requirements](/docs/identitymanager/6.2/installation-guide/requirements/index.md) sections to make fundamental decisions about Identity Manager setup, including: @@ -38,4 +38,4 @@ as target organization. ## What's Next? -The first step consists in [ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md). +The first step consists in [Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md). diff --git a/docs/identitymanager/6.2/installation-guide/production-ready/server/index.md b/docs/identitymanager/6.2/installation-guide/production-ready/server/index.md index d384cef2c5..09a401e952 100644 --- a/docs/identitymanager/6.2/installation-guide/production-ready/server/index.md +++ b/docs/identitymanager/6.2/installation-guide/production-ready/server/index.md @@ -6,8 +6,11 @@ sidebar_position: 30 # Install the Server -**NOTE:** If you are a SaaS client this topic does not apply. You can skip directly to end user +:::note +If you are a SaaS client this topic does not apply. You can skip directly to end user authentication. See the Set up End-User Authentication topic for additional information. +::: + Identity Manager Server can be installed on the same workstation as the database or on a separate workstation. If Identity Manager is installed on a separate workstation, it requires the SQL @@ -20,7 +23,7 @@ Please make sure that the server requirements are met before going further. See The server executable is beeing been extracted to the working directory as `Usercube-Server.exe` and `Usercube-Server.dll` and will enable a user or IIS to run the Identity Manager Server. See the -[ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic for additional information. +[Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic for additional information. ## Set up the License Key @@ -101,7 +104,10 @@ To create a service account you need to perform the following steps: **Step 1 –** Log on to a Windows server in the target domain environment. You should use an account with the necessary permissions to create new domain accounts. -**NOTE:** The target domain is the domain where SQL Server is installed. +:::note +The target domain is the domain where SQL Server is installed. +::: + **Step 2 –** Access the _Active Directory User and Computers_ tool with the command `dsa.mc`. @@ -111,18 +117,24 @@ select **New** > **User**. **Step 4 –** Choose a mnemonic _First Name_ for the Identity Manager Server, as for example `UsercubeContosoServer`, and click **Next**. -_Remember,_ the down-level log on name in the format `DOMAIN/userName`,.as for example +:::tip +Remember, the down-level log on name in the format `DOMAIN/userName`,.as for example `CONTOSO/identitymanagerContosoServer`. +::: + **Step 5 –** Set a password and remember it for later, check the boxes **User cannot change password** and **Password never expires**. This newly created service account is a domain account and will be used as an IIS identity. -**NOTE:** You can go further and use Managed Service Account to avoid dealing with the service +:::note +You can go further and use Managed Service Account to avoid dealing with the service account password update yourself and let Windows worry about it. This feature requires installing Identity Manager on Windows Server 2016 or later, and using an Active Directory with a forest level set to Windows Server 2016 or later. +::: + ### Set an IIS identity @@ -219,7 +231,7 @@ Up to four folders have to be considered: - The provisioning orders directory, usually `C:/identitymanager/Temp` (same as for the data collection directory). -See the [ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and +See the [Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -254,7 +266,7 @@ The Identity Manager Server service account that was chosen previously: The working directory permissions are all set. The same steps have to be performed on the runtime, the data collection and the provisioning orders -directories. See the [ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and +directories. See the [Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -336,7 +348,7 @@ section. Storing a `.pfx` file password in plain text in a production environment is strongly discouraged. The password should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -383,9 +395,9 @@ permissions, let's finalize the setup. The connection between the Server and the Database requires choosing an authentication method: [Windows Authentication](https://docs.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode?view=sql-server-ver15#windows-authentication) or SQL Server authentication. See the -[ Connection to the Database ](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/database-connection/index.md) +[Connection to the Database](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/database-connection/index.md) and -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topics for additional information. Windows authentication will require the IIS identity to be set to the custom Windows service account used to log in to the Identity Manager's Windows Server session. SQL authentication will work with both the _built-in_ app pool identity and a custom service @@ -446,10 +458,13 @@ appsettings.json ``` -**_RECOMMENDED:_** SQL Server authentication stores plain text credentials in the configuration +:::info +SQL Server authentication stores plain text credentials in the configuration file. This is strongly discouraged. To avoid storing plain text credentials, you should always strive to use Windows authentication or encrypt sensitive setting values such as the connection string. +::: + ## SSL Certificate diff --git a/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md b/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md index c55fa43db4..362cee1e41 100644 --- a/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md +++ b/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md @@ -60,4 +60,4 @@ The working directory structure should now resemble the following: ## What's Next? Next section shows how to install the Identity Manager Database. See the -[ Install the Database ](/docs/identitymanager/6.2/installation-guide/production-ready/database/index.md)topic for additional information. +[Install the Database](/docs/identitymanager/6.2/installation-guide/production-ready/database/index.md)topic for additional information. diff --git a/docs/identitymanager/6.2/installation-guide/quick-start/index.md b/docs/identitymanager/6.2/installation-guide/quick-start/index.md index 81760b46cf..f09f42144e 100644 --- a/docs/identitymanager/6.2/installation-guide/quick-start/index.md +++ b/docs/identitymanager/6.2/installation-guide/quick-start/index.md @@ -41,16 +41,22 @@ When extracting Identity Manager Bootstrap to the root of the computer, it looks **Step 5 –** Create a Sources folder in Identity Manager Bootstrap. -_Remember,_ if you don't have the Identity Manager Bootstrap folder or if you don't create the +:::tip +Remember, if you don't have the Identity Manager Bootstrap folder or if you don't create the Sources folder, the Path in the Directory connection in the Runtime/appsettings.agent.json must be adapted. Note that you don't need to have a Directory.xlsx file at the location described by this Path for now. +::: + **Step 6 –** Create a database named Identity Manager, using the default options. -**NOTE:** When using a database server other than Microsoft SQL Server or a different database name, +:::note +When using a database server other than Microsoft SQL Server or a different database name, remember to change the connection string accordingly, in the Runtime/appsettings.json file and in the future command lines. +::: + **Step 7 –** Execute the Runtime/identitymanager.sql file in the database. diff --git a/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md b/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md index 82bf2606ac..034b4c7ec6 100644 --- a/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md +++ b/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md @@ -58,7 +58,7 @@ or a custom ### Working directory permissions The agent's service account needs specific permissions presented in the -[ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic as: +[Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic as: - _Read_, _Modify_, and _List folder contents_ on the working directory; - _Read & Execute_ and _List folder contents_ on the `Runtime` directory, usually @@ -68,7 +68,7 @@ The agent's service account needs specific permissions presented in the - _Read_, _Modify_, _List folder contents_, and _Write_ on the directory for data collection, whose path depends on the `Work` folder's path. -See the [ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and +See the [Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -98,7 +98,7 @@ Before going further, make sure the integration team has provided: Managed systems credentials are stored in the `appsettings.agent` configuration set and can be protected. See the [appsettings.agent](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) -and [ Modules ](/docs/identitymanager/6.2/integration-guide/modules/index.md) topics for additional information. +and [Modules](/docs/identitymanager/6.2/integration-guide/modules/index.md) topics for additional information. ### Database permissions @@ -123,7 +123,7 @@ communication with the server. ## Emails The agent needs access to an SMTP server to -[ Send Notifications ](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md). +[Send Notifications](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md). ## Encryption Key Pair diff --git a/docs/identitymanager/6.2/installation-guide/requirements/database-requirements/index.md b/docs/identitymanager/6.2/installation-guide/requirements/database-requirements/index.md index 8d2d3e67a1..df511dba31 100644 --- a/docs/identitymanager/6.2/installation-guide/requirements/database-requirements/index.md +++ b/docs/identitymanager/6.2/installation-guide/requirements/database-requirements/index.md @@ -13,7 +13,10 @@ This section identifies hardware and software requirements for Identity Manager' The database disk storage requirements depend on multiple factors as the database lifespan and the number of entries, for example 100,000 users can take up appropriately 10 GB of storage -**NOTE:** The maximum SQL Express database is 10 GB. +:::note +The maximum SQL Express database is 10 GB. +::: + ## Software diff --git a/docs/identitymanager/6.2/installation-guide/requirements/device-requirements/index.md b/docs/identitymanager/6.2/installation-guide/requirements/device-requirements/index.md index f118eae202..b7d5ac3737 100644 --- a/docs/identitymanager/6.2/installation-guide/requirements/device-requirements/index.md +++ b/docs/identitymanager/6.2/installation-guide/requirements/device-requirements/index.md @@ -17,8 +17,11 @@ for additional information. No matter whether the machine is virtual or physical, running a Identity Manager server or agent requires at least 8 GB of RAM, 20 GB of disk storage, and a dual-core CPU. -**NOTE:** Netwrix Identity Manager (formerly Usercube) recommends a 4-core CPU if SQL server is +:::note +Netwrix Identity Manager (formerly Usercube) recommends a 4-core CPU if SQL server is installed on this device. +::: + ## Software diff --git a/docs/identitymanager/6.2/installation-guide/requirements/index.md b/docs/identitymanager/6.2/installation-guide/requirements/index.md index 7b6e7a5111..da348a8755 100644 --- a/docs/identitymanager/6.2/installation-guide/requirements/index.md +++ b/docs/identitymanager/6.2/installation-guide/requirements/index.md @@ -11,4 +11,4 @@ This section identifies hardware and software requirements for each Identity Man - [Integration Device](/docs/identitymanager/6.2/installation-guide/requirements/device-requirements/index.md) - [Database](/docs/identitymanager/6.2/installation-guide/requirements/database-requirements/index.md) - [Server](/docs/identitymanager/6.2/installation-guide/requirements/server-requirements/index.md) -- [ Agent ](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) +- [Agent](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) diff --git a/docs/identitymanager/6.2/installation-guide/requirements/server-requirements/index.md b/docs/identitymanager/6.2/installation-guide/requirements/server-requirements/index.md index 3ff90c3a1b..acd12a412a 100644 --- a/docs/identitymanager/6.2/installation-guide/requirements/server-requirements/index.md +++ b/docs/identitymanager/6.2/installation-guide/requirements/server-requirements/index.md @@ -53,7 +53,7 @@ Server. Hence Netwrix Identity Manager (formerly Usercube) recommends using a do ### Working directory permissions The agent's service account needs specific permissions presented in -the[ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic as: +the[Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic as: - _Read_ and _List folder contents_ on the working directory; - _Read & Execute_ and _List folder contents_ on the `Runtime` directory, usually @@ -63,7 +63,7 @@ the[ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/p - _Read_, _List folder contents_, and _Write_ on the directory for data collection, whose path depends on the `Work` folder's path. -See the [ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and +See the [Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -112,7 +112,7 @@ set up in IIS. ## Emails The server needs access to an SMTP server to -[ Send Notifications ](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md). +[Send Notifications](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md). ## Encryption and Identity Server Key Pairs @@ -147,4 +147,4 @@ and[ pvk2pfx tool](https://docs.microsoft.com/en-us/windows-hardware/drivers/dev ## What's Next? Let's move on to Identity Manager's agent requirements. See the -[ Agent ](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) topic for additional information. +[Agent](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/installation-guide/reverse-proxy/index.md b/docs/identitymanager/6.2/installation-guide/reverse-proxy/index.md index f3f1408aa3..06a706017c 100644 --- a/docs/identitymanager/6.2/installation-guide/reverse-proxy/index.md +++ b/docs/identitymanager/6.2/installation-guide/reverse-proxy/index.md @@ -76,11 +76,11 @@ at `` on network 2. ``` -nginx.conf +**nginx.conf** worker_processes auto; -http { +**http {** ## # Basic Settings @@ -203,6 +203,6 @@ server { proxy_set_header X-Real-IP $remote_addr; } - } +**}** ``` diff --git a/docs/identitymanager/6.2/integration-guide/api/authentication/index.md b/docs/identitymanager/6.2/integration-guide/api/authentication/index.md index d4c0cd16cf..83c15f39d3 100644 --- a/docs/identitymanager/6.2/integration-guide/api/authentication/index.md +++ b/docs/identitymanager/6.2/integration-guide/api/authentication/index.md @@ -11,17 +11,17 @@ Identity Manager API authentication is based on the `[Usercube application URL]/.well-known/openid-configuration`. An OpenId client must be previously defined using an -[ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) configuration +[OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) configuration element. The `client_id` parameter to use in calls to the OpenIdConnect protocol endpoints must be the concatenation of `clientId`, `@` and the domain of the application. -For example, client defined by +**For example, client defined by** ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/api/pagination/index.md b/docs/identitymanager/6.2/integration-guide/api/pagination/index.md index 9d396a69f9..dfad65c182 100644 --- a/docs/identitymanager/6.2/integration-guide/api/pagination/index.md +++ b/docs/identitymanager/6.2/integration-guide/api/pagination/index.md @@ -13,9 +13,12 @@ The principle is to call the function with the ContinuationToken obtained from t ![Pagination sequence diagram](/img/product_docs/identitymanager/saas/integration-guide/api/pagination/pagination.webp) -**NOTE:** Pagination is optional. If PageSize is not specified, the function will return all items +:::note +Pagination is optional. If PageSize is not specified, the function will return all items or use the limit specified in the squery parameter. If PageSize is specified, no limit must be specified in the squery parameter. +::: + A DefaultPageSize as well as a MaxPageSize can be defined in the Applicative configuration settings. If the given PageSize or squery limit is above the MaxPageSize, the limit of the MaxPageSize` is diff --git a/docs/identitymanager/6.2/integration-guide/api/squery/index.md b/docs/identitymanager/6.2/integration-guide/api/squery/index.md index 46c8c9e827..c3495ed932 100644 --- a/docs/identitymanager/6.2/integration-guide/api/squery/index.md +++ b/docs/identitymanager/6.2/integration-guide/api/squery/index.md @@ -72,7 +72,10 @@ If select is not specified, API will just return queried elements' Ids. Last 100 started job's instances' Ids. -_Remember,_ The `Top` in the API queries had been deprecated and `PageSize`should be used instead. +:::tip +Remember, The `Top` in the API queries had been deprecated and `PageSize`should be used instead. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -101,8 +104,7 @@ script in the command line. ``` { -  "Result": [ -    { +  "Result": [{       "Id": "2147483653",       "Properties": [         { @@ -129,14 +131,12 @@ script in the command line.         {           "Id": "-9223372015379939312",           "Identifier": "WorkflowInstanceId" -        } -      ], +        }],       "Identifier": "AssignedCompositeRole"     },     {       "Id": "2147483654", -      "Properties": [ -        { +      "Properties": [{           "Id": "-9223372011084972031",           "Association1": {             "Id": "-9223372011084972031", @@ -160,8 +160,7 @@ script in the command line.         {           "Id": "-9223372011084972025",           "Identifier": "StartDate" -        } -      ], +        }],       "Identifier": "AssignedResourceNavigation"     }   ] diff --git a/docs/identitymanager/6.2/integration-guide/architecture/index.md b/docs/identitymanager/6.2/integration-guide/architecture/index.md index c25f928fea..2f7922c4bd 100644 --- a/docs/identitymanager/6.2/integration-guide/architecture/index.md +++ b/docs/identitymanager/6.2/integration-guide/architecture/index.md @@ -24,15 +24,15 @@ on Windows. Identity Manager's database is a ![Architecture](/img/product_docs/identitymanager/saas/integration-guide/architecture/architecture.webp) -See the [ SaaS Environment ](/docs/identitymanager/6.2/integration-guide/architecture/saas/index.md) topic for additional information on Netwrix Identity +See the [SaaS Environment](/docs/identitymanager/6.2/integration-guide/architecture/saas/index.md) topic for additional information on Netwrix Identity Manager (formerly Usercube) recommended architecture when working in a SaaS environment. -See the [ On-Premises Environment ](/docs/identitymanager/6.2/integration-guide/architecture/on-prem/index.md) topic for additional information on Netwrix +See the [On-Premises Environment](/docs/identitymanager/6.2/integration-guide/architecture/on-prem/index.md) topic for additional information on Netwrix Identity Manager (formerly Usercube)' recommended architecture when working in an on-premises environment. See how to -[ Protect Agent/Server Communication ](/docs/identitymanager/6.2/integration-guide/architecture/protect-agent-server-communication/index.md). +[Protect Agent/Server Communication](/docs/identitymanager/6.2/integration-guide/architecture/protect-agent-server-communication/index.md). ## Isolation Principle diff --git a/docs/identitymanager/6.2/integration-guide/architecture/protect-agent-server-communication/index.md b/docs/identitymanager/6.2/integration-guide/architecture/protect-agent-server-communication/index.md index cb5c6e5e2f..a8af70e9c8 100644 --- a/docs/identitymanager/6.2/integration-guide/architecture/protect-agent-server-communication/index.md +++ b/docs/identitymanager/6.2/integration-guide/architecture/protect-agent-server-communication/index.md @@ -44,7 +44,7 @@ The agent must be configured, in its `appsettings.json`, with: environment, Identity Manager provides it. In order to give to the agent the right permissions, the XML configuration must specify an -[ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) linked to +[OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) linked to its hashed secret, and to a Identity Manager profile. ## Protect Agent/Server Communication @@ -95,9 +95,9 @@ Protect agent/server communication by proceeding as follows: 3. Configure an OpenIdClient, both on agent side in `appsettings.agent.json` with the non-hashed secret and on server side in the XML configuration with the secret hashed by the - [ Usercube-New-OpenIDSecret ](/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md) + [Usercube-New-OpenIDSecret](/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md) executable. See the - [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) for + [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) for additional information. > For example on agent side: diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/connections/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/connections/index.md index 4e0ac10bdd..8f9ca5eb1c 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/connections/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/connections/index.md @@ -1,4 +1,3 @@ ---- title: "Connections" description: "Connections" sidebar_position: 10 @@ -12,14 +11,14 @@ in order to extract and/or fulfill data from/to external systems. ## Connection Configuration A connector needs at least one -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) which needs to be +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) which needs to be declared both in the XML configuration and in the [appsettings.agent](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) file to be used. The connection settings must be set in appsettings.agent.json > Connections > **connectionIdentifier**, where **connectionIdentifier** is the identifier specified for the connection in the XML configuration. -See the [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for +See the [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. The information stored in the connection depends on the export and/or fulfill technologies used by @@ -30,17 +29,17 @@ information. ## Connection Tables -A [ Connection Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connectiontable/index.md) +A [Connection Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connectiontable/index.md) represents the potential output of the connection's -[ Export Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md), when the +[Export Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md), when the connection's package allows export. The export process generates CSV files (our connection tables) whose names start with the connection's identifier. The files' suffixes depend on the connector. See the [References: Connectors](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/index.md) topic for additional information. The name of these files are used to specify the connection tables of the -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and -[ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) in order to link the connectors' properties to the source files and columns from the managed systems. @@ -104,4 +103,4 @@ Hence, extra care should be taken while specifying them. There are several types of secured options: a simple field or multiple key-value fields. -See the [ Configure Secured Options ](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/configure-secured-options/index.md) topic for additional information. +See the [Configure Secured Options](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/configure-secured-options/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/create-connector/entra-ID/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/create-connector/entra-ID/index.md index a8cbf92639..2a403ca0f8 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/create-connector/entra-ID/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/create-connector/entra-ID/index.md @@ -13,12 +13,12 @@ additional information about creating a connector. The following are prerequisites for the connector creation. -Configure the external system +**Configure the external system** See the [Register for Microsoft Entra ID](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/azuread-register/index.md) topic for additional information on how to register Identity Manager. -Configure Identity Manager +**Configure Identity Manager** See the [ Microsoft Entra ID](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftentraid/index.md) topic for additional information on the connection. @@ -46,7 +46,7 @@ appsettings.agent.json ## Build the Connector -See the [ Connect to a Managed System ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) +See the [Connect to a Managed System](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) topic for additional information on how to build a connector via the UI, with its connections, entity types and mappings. @@ -162,7 +162,7 @@ expression, the target entity type and property. See the[Binding](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) topic for additional information. -Entity mapping +**Entity mapping** Each property of the entity type must be mapped to an attribute among those exported from Microsoft Entra ID. @@ -279,7 +279,7 @@ entity association mapping) of the CSV file. This is how the connectors are displayed on the UI. -Menu items +**Menu items** Each connector should be configured with a menu item, which is created automatically when working via the UI. @@ -296,10 +296,10 @@ Conf/MicrosoftEntraID/MicrosoftEntraID Nav.xml ``` -Displayed resources +**Displayed resources** See the -[ Organize Resources' Datasheets ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) +[Organize Resources' Datasheets](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) topic for additional information on how to set the display properties via the UI. For example: @@ -339,10 +339,10 @@ Conf/MicrosoftEntraID/MicrosoftEntraID UI.xml This is how the resources are displayed on the UI. -Resources' display names +**Resources' display names** See the -[ Set Resources' Display Names ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) +[Set Resources' Display Names](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) topic for additional information on how to set resources' display names via the UI. For example: @@ -355,7 +355,7 @@ Conf/MicrosoftEntraID/MicrosoftEntraID UI.xml ``` -Permissions +**Permissions** In order to access the connector, any user must have the right permissions. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/create-connector/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/create-connector/index.md index 333dd6dac8..4f0c04afbc 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/create-connector/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/create-connector/index.md @@ -12,7 +12,7 @@ See an example on how to register [For Microsoft Entra ID](/docs/identitymanager Netwrix Identity Manager (formerly Usercube) strongly recommends configuring as much as possible via the UI instead of XML files. See the -[ Connect to a Managed System ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) topic to +[Connect to a Managed System](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) topic to learn how to create a connector via the UI. ## Prerequisites @@ -31,12 +31,12 @@ settings can also be input through environment variables. See the [Network Configuration](/docs/identitymanager/6.2/integration-guide/network-configuration/index.md) topic for additional information. This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "": { ... } } } @@ -58,9 +58,7 @@ Microsoft Entra ID](/docs/identitymanager/6.2/integration-guide/connectors/refer ## Build the Connector -See the [ -Connect to a Managed System -](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) topic to learn how to build a connector via the UI, with its connections, entity types and mappings. +See the [Connect to a Managed System](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) topic to learn how to build a connector via the UI, with its connections, entity types and mappings. When exporting the configuration, a `````` connector should be found in the ```Conf// Connector.xml``` file. @@ -70,11 +68,7 @@ All XML files must start with the `````` and `````` ele The [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md) of the connector defines how the exported data will be written to Identity Manager's repository. It should match as closely as possible the structure of the relevant data from the external system, and be aligned with Identity Manager's repository. -The entity model is configured by entity type and entity association containing scalar and navigation properties. See the [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md)[ -Entity Association -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md), and [ -Entity Type -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) topics for additional information. +The entity model is configured by entity type and entity association containing scalar and navigation properties. See the [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md)[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md), and [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) topics for additional information. The entity model can be refined later in the project. @@ -82,11 +76,7 @@ The entity model can be refined later in the project. Each property of the entity type must be mapped to an attribute from among those exported from the system. -Entity mapping is configured through [ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and [ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). +Entity mapping is configured through [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). So each element of an entity type mapping is meant to link a property from the result of the CSV export file containing the exported attributes to a property from the entity type. @@ -116,9 +106,7 @@ Then each connector should be configured with a menu item, which is created auto ### Displayed resources -See the [ -Organize Resources' Datasheets -](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) to learn more on how to set the display properties via the UI. +See the [Organize Resources' Datasheets](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) to learn more on how to set the display properties via the UI. In the XML configuration, scalar properties are automatically displayed in the datasheets of the connector's resources. But navigation properties must be declared explicitly. @@ -130,15 +118,11 @@ The resources are displayed in a table configurable through a [Display Table](/d ### Resources' display names -See the [ -Set Resources' Display Names -](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) to learn how to set resources' display names via the UI. +See the [Set Resources' Display Names](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) to learn how to set resources' display names via the UI. Each resource is displayed in the UI with a display name. -Resources' display names are customizable through [ -Entity Type -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +Resources' display names are customizable through [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression. ### Permissions diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/credential-protection/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/credential-protection/index.md index bcdb40f1ef..19bd5a5d7f 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/credential-protection/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/credential-protection/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Credential Protection The credentials of any managed system can be protected using an -[ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), a +[RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), a [CyberArk's AAM Credential Providers ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md) vault or an [Azure Key Vault](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) safe. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/demoapp-banking/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/demoapp-banking/index.md index fc246c59ea..ef2a7e1a10 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/demoapp-banking/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/demoapp-banking/index.md @@ -49,15 +49,21 @@ This API provides: - Operations on users, including: Get list, Get by ID, Create, Update, and Delete (CRUD) - Operations on groups, limited to Get list only -**NOTE:** In the Banking Demo Application appsettings two parameters are available: +:::note +In the Banking Demo Application appsettings two parameters are available: +::: + - `RequireAuthorization` (default: true) — When enabled, the system checks whether a token is present in the request headers - `RequireSecureHeader` (default: false) — When enabled, the system verifies that the SecureHeaderparameter is included in the request headers -_Remember,_ a Postman collection is provided in the same folder as the executable (.exe) to +:::tip +Remember, a Postman collection is provided in the same folder as the executable (.exe) to facilitate API testing. +::: + ## Running the Banking Application diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/index.md index 7d8d1e9890..b10a48cafc 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/index.md @@ -9,7 +9,7 @@ sidebar_position: 10 This part gathers information about connector configuration. Netwrix Identity Manager (formerly Usercube) recommends creating and configuring a connector via the -UI. See the [ Connect to a Managed System ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) +UI. See the [Connect to a Managed System](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) topic for additional information. - [Connections](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/connections/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/powershell-fulfill/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/powershell-fulfill/index.md index c3769ab2d6..c26e860d3c 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/powershell-fulfill/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/powershell-fulfill/index.md @@ -60,8 +60,7 @@ and [Active Directory](/docs/identitymanager/6.2/integration-guide/connectors/re > "Connections": { > ... > "ADFulfillment": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "...", > "BaseDN": "..." > }, @@ -69,7 +68,7 @@ and [Active Directory](/docs/identitymanager/6.2/integration-guide/connectors/re > "Server": "paris.contoso.com", > "BaseDN": "DC=defense,DC=paris,DC=com" > } -> ], +>], > "AuthType": "Basic", > "Login": "...", > "Password": "...", @@ -468,7 +467,7 @@ This example configures the following list display: #### Internal Display Name An `InternalDisplayName` can also be declared as an -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression. The `InternalDisplayName` is used in several UI screens to identify a resource for the user. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md index 313426e14f..789a16c930 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md @@ -8,7 +8,7 @@ sidebar_position: 160 This guide shows how to set up a [SCIM](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/scim/index.md) connector to extract data from your CyberArk instance into CSV source files that will in turn be fed to the -[ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) task and to your +[Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) task and to your Identity Manager resource repository. It will focus on registering Identity Manager within the target CyberArk instance, configuring the connector, and building the job to perform regularly scheduled synchronization. @@ -163,7 +163,7 @@ Notice the `*` that separates the entities. ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "SCIMCyberArkExport": { "Server": "https://host:port/CyberArk/scim", "Login": "Usercube-user", "Password": "Cyberark1", "Filter": @@ -177,9 +177,7 @@ displayName type name", "FilterGroup": "Groups;id displayName", "SCIMSyntax": "C ##### Set up export files -The export generates CSV source files that will be fed to the [ -Upward Data Synchronization -](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) task. +The export generates CSV source files that will be fed to the [Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) task. The SCIM connector generates one file per entity, the name is generated as: ```EntryFile``` + ```'_'``` + ```FilterEntity``` or ```MembersFile``` + ```'_'``` + ```FilterGroupEntity```. @@ -187,9 +185,7 @@ Moreover, ```SyncCookiesFile``` can be specified to indicate the location of the See the [SCIM](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/scim/index.md)topic for additional information. -The target directory and file name are chosen freely. However, Netwrix Identity Manager (formerly Usercube) strongly recommends using the Working Directory ```Temp/ExportOutput``` folder and choosing file names that start with the ```CyberArk_``` prefix. See the [ -Create a Working Directory -](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic for additional information. +The target directory and file name are chosen freely. However, Netwrix Identity Manager (formerly Usercube) strongly recommends using the Working Directory ```Temp/ExportOutput``` folder and choosing file names that start with the ```CyberArk_``` prefix. See the [Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic for additional information. ##### Example @@ -231,7 +227,7 @@ linked to an Agent. See the [Toolkit for XML Configuration](/docs/identitymanage additional information. It is strongly recommended that the applicative configuration be stored the -[ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) +[Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) `Conf` folder as a set of `xml` files organized by connector. - In the `Conf` folder, create a `SCIMCyberArk` directory. @@ -239,13 +235,13 @@ It is strongly recommended that the applicative configuration be stored the This file contains the declaration of the connector and the associated Entity Model. -- Use the [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) element to +- Use the [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) element to declare the connector with the following attributes: - **Identifier** identifies this connector in the applicative configuration. We recommend using a meaningful name such as `CyberArk`. If several connections to several CyberArk targets are possible, only one CyberArk Connector per Agent is used. See the - [ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) + [Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic for additional information. - **DisplayName_Li, i ? [1..16]** are used in the UI. - **Agent** is the identifier of the Agent that will run this connector's export task. The @@ -275,24 +271,24 @@ It is strongly recommended that the applicative configuration be stored the The exported data to be written to the resource repository must be aligned with the [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md). See the -[ Identity Management ](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md) topic +[Identity Management](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md) topic for additional information. The [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md) should match as closely as possible the structure of the CyberArk data relevant for Identity Manager. It is designed by analyzing the CyberArk data structure, and describing said data with the Entity Types and -[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). Eventually, it is up to the integration team to design the [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md) that best serves the Role Model needs. It will most likely be refined iteratively throughout the project integration. See the -[ Assignment Policy ](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) topic for additional +[Assignment Policy](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) topic for additional information. A good starting point for the Entity Model is to mirror the shape of the exported CyberArk SCIM objects. This guide provides a few examples that can serve this purpose. Thus, CyberArk SCIM objects such as **Users** and **Groups** can be described by Entity Types, and group membership by -[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). See -the [ Assignment Policy ](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) topic for additional +[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). See +the [Assignment Policy](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) topic for additional information. The [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md) for the CyberArk connector is written in the @@ -310,14 +306,14 @@ Declaring an Entity Type is achieved with the `` tag and the followi - **DisplayName_Li, i ? [1..16]** are used in the UI to identify this Entity Type for the end-user. **DisplayName_L1** is the name of the entity type in _language number one_. If this language is _English_, a good example value would be `CyberArk - User`. See the - [ Assignment Policy ](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) topic for additional + [Assignment Policy](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) topic for additional information. ##### Example ``` - Conf/SCIMCyberArk/CyberArk Connector.xml +**Conf/SCIMCyberArk/CyberArk Connector.xml** ... ... ... @@ -336,9 +332,7 @@ Finally, the main attributes of the `````` tag are the following: - __Identifier__ identifies the property with a mandatory unique name. It must be unique among the entity properties for this entity type. - __DisplayName_Li, i ? [1..16]__ are used in the UI. - __Type__ defines the type of property. A scalar property type can be: ```String```, ```Bytes```, ```Int16```, ```Int32```, ```Int64```, ```DateTime```, ```Bool```, ```Guid```, ```Double```, ```Binary```, ```Byte```, or ```Option```. The navigation property type is ```ForeignKey```. -- __TargetColumnIndex__ defines in which column of the resource table the property is stored. See the [ - Entity Type - ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)topic for additional information. +- __TargetColumnIndex__ defines in which column of the resource table the property is stored. See the [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)topic for additional information. ##### Example @@ -356,9 +350,9 @@ Notice the omitted __TargetColumnIndex__ attribute and the presence of ```Type=" #### Write entity associations -[ Assignment Policy ](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) are associated through their +[Assignment Policy](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) are associated through their navigation properties with -[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) elements. ##### Example @@ -373,7 +367,7 @@ of this **Group**. ``` - Conf/SCIMCyberArk/CyberArk Connector.xml +**Conf/SCIMCyberArk/CyberArk Connector.xml** ... ... @@ -381,29 +375,19 @@ of this **Group**. ```` -The exact nature of the IDs are described by the associated [ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). +The exact nature of the IDs are described by the associated [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). -Notice the format of the __Property1__ and __Property2__ xml attributes: the name of the entity type followed by ```:``` and the name of an entity property. It is a [ -Binding -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) that describes in one expression both the target entity type and property. +Notice the format of the __Property1__ and __Property2__ xml attributes: the name of the entity type followed by ```:``` and the name of an entity property. It is a [Binding](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) that describes in one expression both the target entity type and property. ### Create mapping The entity type must be mapped property by property to the exported attributes of CyberArk SCIM objects (namely, the columns of the CSV source files generated by the export). -The [ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), [ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), and Entity Property Mapping elements serve this purpose. +The [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), and Entity Property Mapping elements serve this purpose. #### Write the entity type mapping -The [ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element maps scalar properties from the CSV source file to an entity type. +The [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element maps scalar properties from the CSV source file to an entity type. The CSV source file path is written to the __ConnectionTable__ xml attribute. The target entity type name is written to the __Identifier__ xml attribute. @@ -417,7 +401,7 @@ The CSV source file path is written to the __ConnectionTable__ xml attribute. Th ```` To do so, the entity type mapping uses the -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element with the `` tag. This maps the CSV column from `ConnectionColumn` to the target EntityType property which is written to the **Identifier** attribute. @@ -425,7 +409,7 @@ EntityType property which is written to the **Identifier** attribute. ``` - Conf/SCIMCyberArk/CyberArk Connector.xml +**Conf/SCIMCyberArk/CyberArk Connector.xml** ... @@ -454,19 +438,9 @@ Let's take the example of a new ```CyberArk_User``` which has never been synchro #### Write the entity association mapping -The [ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element maps navigation properties, used in [ -Entity Association -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +The [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element maps navigation properties, used in [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). -An [](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element refers to an [ -Entity Association -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) written to the __Identifier__ xml attribute. Then, just as the [ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element, it maps columns values from a CSV source file to an EntityType property. +An [](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element refers to an [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) written to the __Identifier__ xml attribute. Then, just as the [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element, it maps columns values from a CSV source file to an EntityType property. ##### Example @@ -498,16 +472,16 @@ Here are a few explanations: The `Users` property in the `CyberArk_Group` entity: - is written to the **Property1** attribute of the `CyberArk_Group_Members` - [ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) + [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) element. - is filled in by values from the `MemberId` column (written to the **Column2** attribute of the `CyberArk_Group_Members` - [](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) + [](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element) in the `C:/identitymanagerDemo/Temp/ExportOutput/CyberArk_members_Groups.csv` file. These values identify resources of type `CyberArk_User` by their `CyberArk_id` property (written to the **EntityPropertyMapping2** attribute of the -[](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +[](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element. ###### Groups/_CyberArk_User_ @@ -515,16 +489,16 @@ element. The `Groups` property in the `CyberArk_User` entity: - is written to the **Property2** attribute of the `CyberArk_Group_Members` - [ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) + [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) element). - is filled in by values from the _value_ column (written to the **Column1** attribute of the `CyberArk_Group_Members` - [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) + [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element) in the `C:/identitymanagerDemo/Temp/ExportOutput/CyberArk_members_Groups.csv` file. These values identify resources of type `CyberArk_Group` by their `CyberArk_id` property (written to the **EntityPropertyMapping1** attribute of the -[ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element). ## Display @@ -533,7 +507,7 @@ This step focuses on configuring a nice display for the synchronized list of res ### Navigation -A [ Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) can be added to +A [Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) can be added to include a link to the resources list in the left menu in the UI home screen. #### Parent menu item @@ -545,7 +519,7 @@ usually declared in the configuration root folder `Nav.xml` file. ``` - Conf/Nav.xml +**Conf/Nav.xml** ... @@ -588,7 +562,7 @@ describes how a single resource should be displayed. ``` - Conf/SCIMCyberArk/CyberArk UI.xml +**Conf/SCIMCyberArk/CyberArk UI.xml** ... @@ -626,7 +600,7 @@ configures the following list display: #### Internal display name An `InternalDisplayName` can also be declared as an -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression. The `InternalDisplayName` is used in several UI screens to identify a resource for the user. @@ -638,7 +612,7 @@ of the entity type is used. ``` - Conf/SCIMCyberArk/CyberArk UI.xml +**Conf/SCIMCyberArk/CyberArk UI.xml** ... ... @@ -652,9 +626,7 @@ adds the ```InternalDisplayName``` to the CyberArk_User entity type to be used b This step focuses on setting up permissions for Identity Manager's end-users granting them access to the connector. -The [Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) and [Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) elements define the [ -AccessControlPermission -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) for end-user profiles to read and write the connector's data (such as resources of a given entity type). It used by the UI when displaying data such as resources and available roles. +The [Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) and [Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) elements define the [AccessControlPermission](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) for end-user profiles to read and write the connector's data (such as resources of a given entity type). It used by the UI when displaying data such as resources and available roles. It is strongly recommended that permissions be written to a new file. For example, the administrator profile permissions can be written to the ```CyberArk Profile Administrator.xml``` file. @@ -691,7 +663,7 @@ scaffolding. ``` - Conf/SCIMCyberArk/SCIM CyberArk Jobs.xml +**Conf/SCIMCyberArk/SCIM CyberArk Jobs.xml** ... @@ -710,22 +682,16 @@ Incremental synchronization can be configured with the following scaffolding. Se The execution of a Job entails execution of Tasks, reading/writing to the Database and sending files over to the Server. These operations are protected by an authorization mechanism. -To complete a Job, the Agent, via the [ -Usercube-Invoke-Job -](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) uses: +To complete a Job, the Agent, via the [Usercube-Invoke-Job](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) uses: -- A [ - Profile - ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) associated with the Job itself to read/write: +- A [Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) associated with the Job itself to read/write: - ```UJ_Jobs``` and ```UJ_Tasks``` tables in a list of tasks - ```UJ_JobInstances``` tables in the progress report - a Profile for each Task, to read/write ```UJ_TaskInstances``` tables (Progress Report) and perform other operations such as sending export files over to the Server. Each Profile must be assigned the right permissions for the associated Job or Task to perform. -Every request from Agent to Server within the execution of a Job needs to be authenticated with an [ -OpenIdClient -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair, linked to a Profile. +Every request from Agent to Server within the execution of a Job needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair, linked to a Profile. #### Create a profile @@ -741,7 +707,7 @@ Here, we focus on creating one profile, used by the Job and every Task of the Jo As the Principle of Least Privilege states, Netwrix Identity Manager (formerly Usercube)strongly recommends that you create a -[ Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) to be used during +[Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) to be used during the Synchronization jobs which will be different from the one used during the Provisioning job. This contributes to separating access rights. The same principle applied even more rigorously would make Identity Manager create one profile per @@ -750,7 +716,7 @@ Task. It isn't necessary as most Synchronization tasks require the same permissi #### Grant synchronization access rights to the profile For an Agent to launch server-side Tasks from the Job via the -[ Usercube-Invoke-Job ](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md), the profile linked to +[Usercube-Invoke-Job](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md), the profile linked to these tasks and used by the tool should be authorized to execute said tasks. Server-side Tasks for a simple Synchronization job usually are: @@ -777,9 +743,9 @@ Required permissions are: - `/Connectors/SynchronizeSession` Granting access can be done via the -[ SynchronizationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) +[SynchronizationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) scaffolding and -the[ Job View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) +the[Job View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) scaffolding. The following examples (or similar) should be written to `Conf/Profile AgentSychro.xml`. @@ -805,14 +771,14 @@ with the following access rights: - `/Jobs/RunJob/Launch` This can be done via the -[ Job Execution Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) +[Job Execution Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) scaffolding. ##### Example ``` - Conf/Profile AgentSychro.xml +**Conf/Profile AgentSychro.xml** ... ... @@ -821,13 +787,9 @@ scaffolding. #### Declare usable ClientId/Secret pairs in the configuration -An Agent's [ -Profile -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) is associated with a ```ClientId/Secret``` pair used by the Agent to authenticate to the Server. +An Agent's [Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) is associated with a ```ClientId/Secret``` pair used by the Agent to authenticate to the Server. -Usable ```ClientId/Secret``` pairs are written to the database from the xml configuration using the [ -OpenIdClient -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) xml element. +Usable ```ClientId/Secret``` pairs are written to the database from the xml configuration using the [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) xml element. It is strongly recommended that you write the `````` xml element to a new or existing ```OpenIdClients.xml``` file in the configuration root folder. @@ -835,9 +797,7 @@ The ```ClientId/Secret``` pair hence created must be associated with the profile ##### __Example__ -The following example creates a ```ClientId/Secret``` pair to be used by the Agent to authenticate to the Server and complete Jobs. The secret is hashed with the [ -Usercube-New-OpenIDSecret -](/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md) tool. +The following example creates a ```ClientId/Secret``` pair to be used by the Agent to authenticate to the Server and complete Jobs. The secret is hashed with the [Usercube-New-OpenIDSecret](/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md) tool. ``` @@ -880,7 +840,7 @@ scheduler. #### With Identity Manager's scheduler -Use the [ Job ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) CronTab Expression attribute. +Use the [Job](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) CronTab Expression attribute. > This example uses Identity Manager's scheduler to execute the > `CyberArk_Synchronize_Complete_Manually` job every fifteen minutes: @@ -902,7 +862,7 @@ For more details about checking Crontab expressions, see the #### With an external scheduler An external scheduler would rely on the -[ Usercube-Invoke-Job ](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) tool. +[Usercube-Invoke-Job](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) tool. ##### Example @@ -922,9 +882,7 @@ using the "Job/secret" authentication pair to connect to the Identity Manager S ### Deploy configuration -The configuration is written to the database using the [ -Deploy Configuration Task -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) tool. +The configuration is written to the database using the [Deploy Configuration Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) tool. ### Test diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md index fd2f0486b0..a73aa1e0f0 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md @@ -33,7 +33,7 @@ have an entity property with exactly `type` as identifier: ``` - +**** ``` @@ -41,7 +41,7 @@ And to map it in the `Entitlements` entity type mapping: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/sharepoint-export/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/sharepoint-export/index.md index 0075a05cd8..6395c2e5b0 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/sharepoint-export/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/sharepoint-export/index.md @@ -43,7 +43,7 @@ needs to be owner of the site. This step sets up the Identity Manager Agent in order to use the SharePoint connector and access the SharePoint data. -This guide focuses on the [ Architecture ](/docs/identitymanager/6.2/integration-guide/architecture/index.md) method. Remember that +This guide focuses on the [Architecture](/docs/identitymanager/6.2/integration-guide/architecture/index.md) method. Remember that settings can also be input through architecture. #### Connect to the SharePoint instance @@ -94,7 +94,7 @@ configuration, and only then, switching to a more secure way of storing credenti ##### Set up export files The export generates CSV source files that will be fed to the -[ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) task. +[Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) task. The target path for these files can be set up using the following settings: @@ -105,7 +105,7 @@ The target path for these files can be set up using the following settings: ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "SharePointExportContoso": { "Server": "https://contoso.sharepoint.com/", "Login": "usercube.service@contoso.com", "Password": "19f23f48379d50a9a50b8c" } } } @@ -179,7 +179,7 @@ configuration and linked to an Agent. See the It is strongly recommended that the applicative configuration be stored in the working directory `Conf` folder as a set of `xml` files organized by connector. See -the[ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) +the[Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) topic for additional information. - In the `Conf` folder, create a `SharePoint` directory. @@ -188,7 +188,7 @@ topic for additional information. This file should contain the declaration of the connector and the associated [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md). -- Use the [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)element to +- Use the [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)element to declare the connector with the following attributes: - **Identifier** identifies this connector in the applicative configuration. See the @@ -224,17 +224,17 @@ topic for additional information. The exported data to be written to the resource repository must be aligned with the [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md). See -the[ Identity Management ](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md)topic +the[Identity Management](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md)topic for additional information. The [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md) should match as closely as possible the structure of the SharePoint data relevant for Identity Manager. It is designed by analyzing the SharePoint data structure, and describing said data with [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md) and an -[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). Eventually, it is up to the integration team to design the [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md) that best serves the -[ Assignment Policy ](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) needs. It will be refined +[Assignment Policy](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) needs. It will be refined iteratively throughout the project phase. A good starting point for the Entity Model is to mirror the shape of the exported SharePoint @@ -264,7 +264,7 @@ and the following attributes: ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... ... @@ -299,14 +299,14 @@ SharePoint. [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md) types are associated through their navigation properties with -[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) elements. ##### Example ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... @@ -320,29 +320,19 @@ elements. ```` -The exact nature of the IDs are described by the associated [ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). +The exact nature of the IDs are described by the associated [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). -Notice the format of the __Property1__ and __Property2__ xml attributes: the name of the entity type is followed by ```:``` and the name of an entity property. It is a [ -Binding -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) describing in one expression, the target entity type and property. +Notice the format of the __Property1__ and __Property2__ xml attributes: the name of the entity type is followed by ```:``` and the name of an entity property. It is a [Binding](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) describing in one expression, the target entity type and property. ### Create mapping The entity type must be mapped property by property to the exported attributes of SharePoint objects (namely, the columns of the CSV source files generated by the export). -The [ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), [ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), and Entity Type Mapping elements serve this purpose. +The [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), and Entity Type Mapping elements serve this purpose. #### Entity type mapping -The [ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element maps the scalar properties from the CSV source file to an entity type. +The [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element maps the scalar properties from the CSV source file to an entity type. The CSV source file path is written to the ```ConnectionTable``` xml attribute. The target entity type name is written to the ```Identifier``` xml attribute. @@ -356,7 +346,7 @@ The CSV source file path is written to the ```ConnectionTable``` xml attribute. ```` To do so, the entity type mapping element uses the -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element with the `` tag. This maps the CSV column from `ConnectionColumn` to the target EntityType property which is written to the **Identifier** attribute. @@ -364,7 +354,7 @@ EntityType property which is written to the **Identifier** attribute. ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... @@ -405,19 +395,9 @@ As a result, after synchronization, the ```UR_Resource``` table will be updated #### Entity association mapping -The [ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element maps the navigation properties used in [ -Entity Association -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +The [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element maps the navigation properties used in [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). -An [ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element refers to an [ -Entity Association -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) written to the ```Identifier``` xml attribute. Then, like [ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), it maps column values from a CSV source file to an EntityType property. +An [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element refers to an [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) written to the ```Identifier``` xml attribute. Then, like [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), it maps column values from a CSV source file to an EntityType property. ##### Example @@ -435,7 +415,7 @@ This step focuses on configuring a nice display for the synchronized list of res ### Nav -A [ Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) can be added to +A [Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) can be added to include a link to the resources list in the left menu on the UI home screen. #### Parent menu item @@ -447,7 +427,7 @@ items. This is usually declared in the `Nav.xml` file in the configuration root ``` - Conf/Nav.xml +**Conf/Nav.xml** ... @@ -488,7 +468,7 @@ describes how a single resource should be displayed. ``` - Conf/SharePoint/SharePoint UI.xml +**Conf/SharePoint/SharePoint UI.xml** ... @@ -538,7 +518,7 @@ of the entity type is used. ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... @@ -558,9 +538,7 @@ This example adds the ```InternalDisplayName``` to the ```SharePoint_Entity```, This step focuses on setting up permissions for Identity Manager's end-users granting them access to the connector. -The [Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) and [Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) elements define [ -AccessControlPermission -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) for end-user profiles to read and write the connector's data (such as resources of a given entity type). It is used by the UI when displaying data such as resources and available roles. +The [Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) and [Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) elements define [AccessControlPermission](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) for end-user profiles to read and write the connector's data (such as resources of a given entity type). It is used by the UI when displaying data such as resources and available roles. It is strongly recommended that permissions be written to a new file. For example, the administrator profile permissions can be written to the ```SharePoint Profile Administrator.xml``` file. @@ -593,7 +571,7 @@ other related operations. ``` - Conf/SharePoint/SharePoint Jobs.xml +**Conf/SharePoint/SharePoint Jobs.xml** ... @@ -606,9 +584,7 @@ Notice the __Agent__ attribute that contains the name of the Agent which execute ### Components -The[ -Upward Data Synchronization -](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md)job includes three steps: +The[Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md)job includes three steps: - Export - Prepare-Synchro @@ -632,9 +608,9 @@ The execution of a Job entails execution of Tasks, reading/writing to the Databa over to the Server. These operations are protected by an authorization mechanism. To complete a Job, the Agent, via -the[ Usercube-Invoke-Job ](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) uses: +the[Usercube-Invoke-Job](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) uses: -- a [ Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) associated with +- a [Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) associated with the Job itself, to read/write: - `UJ_Jobs` and `UJ_Tasks` tables in a list of tasks - `UJ_JobInstances` tables in the progress report @@ -644,7 +620,7 @@ the[ Usercube-Invoke-Job ](/docs/identitymanager/6.2/integration-guide/executabl Each Profile must be assigned the right permissions for the associated Job or Task to perform. Every request from Agent to Server within the execution of a Job needs to be authenticated with an -[ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect +[OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a Profile. #### Create a profile @@ -653,23 +629,19 @@ Here, we focus on creating one profile, used by the Job and every Task of the Jo ``` - Conf/Profile AgentJob.xml +**Conf/Profile AgentJob.xml** ... ... ```` -As the Principle of Least Privilege states, Netwrix Identity Manager (formerly Usercube) strongly recommends that you create a[ -Profile -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) to be used during the Synchronization jobs which will be different from the one used during the Provisioning job. This contributes to separating access rights. +As the Principle of Least Privilege states, Netwrix Identity Manager (formerly Usercube) strongly recommends that you create a[Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) to be used during the Synchronization jobs which will be different from the one used during the Provisioning job. This contributes to separating access rights. The same principle applied even more rigorously would make Identity Manager create one profile per Task. It isn't necessary as most Synchronization tasks require the same permissions. #### Grant synchronization access rights to the profile -For an Agent to launch server-side Tasks from the Job via the [ -Usercube-Invoke-Job -](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) tool, the profile linked to these tasks and used by the tool should be authorized to execute said tasks. +For an Agent to launch server-side Tasks from the Job via the [Usercube-Invoke-Job](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) tool, the profile linked to these tasks and used by the tool should be authorized to execute said tasks. Server-side Tasks for a simple Synchronization job usually are: @@ -694,11 +666,7 @@ __Synchronization and Prepare-Synchronization__ - ```/Connectors/Connector/Query``` - ```/Connectors/SynchronizeSession``` -Granting access can be done via the [ -SynchronizationAccessControlRules -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) and the [ -Job View Access Control Rules -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md). +Granting access can be done via the [SynchronizationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) and the [Job View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md). The following examples should be written to ```Conf/Profile AgentSychro.xml```. @@ -718,7 +686,7 @@ with the following access rights: - `/Jobs/RunJob/Launch` This can be done via -the[ Job Execution Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) +the[Job Execution Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) scaffolding. ##### Example @@ -730,13 +698,9 @@ scaffolding. #### Declare usable ClientId/Secret pairs in the configuration -An Agent's a[ -Profile -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md)is associated with a ```ClientId/Secret``` pair used by the Agent to authenticate to the Server. +An Agent's a[Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md)is associated with a ```ClientId/Secret``` pair used by the Agent to authenticate to the Server. -Usable ```ClientId/Secret``` pairs are written to the database from the xml configuration using the [ -OpenIdClient -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) xml element. +Usable ```ClientId/Secret``` pairs are written to the database from the xml configuration using the [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) xml element. It is strongly recommended to write the `````` xml element to a new or existing ```OpenIdClients.xml``` file in the configuration root folder. @@ -744,9 +708,7 @@ The ```ClientId/Secret``` pair hence created must be associated with the profile ##### __Example__ -The following example creates a ```ClientId/Secret``` pair to be used by the Agent to authenticate to the Server and complete Jobs. The secret is hashed with the[ -Usercube-New-OpenIDSecret -](/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md) tool. +The following example creates a ```ClientId/Secret``` pair to be used by the Agent to authenticate to the Server and complete Jobs. The secret is hashed with the[Usercube-New-OpenIDSecret](/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md) tool. ``` @@ -759,7 +721,7 @@ Usercube-New-OpenIDSecret ``` - Conf/OpenIdClients.xml +**Conf/OpenIdClients.xml** ... @@ -801,9 +763,7 @@ Scheduling the job execution can rely either on Identity Manager's scheduler or #### With Scheduler -Use the [ -Job -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) attribute. +Use the [Job](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) attribute. > This example uses Identity Manager's scheduler to execute the ```SharePoint_Synchronization_Delta``` job every fifteen minutes: > @@ -819,9 +779,7 @@ For more details about checking Crontab expressions, see the [crontab.guru](http #### With an external scheduler -An external scheduler would rely on the [ -Usercube-Invoke-Job -](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) tool. +An external scheduler would rely on the [Usercube-Invoke-Job](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) tool. ##### Example @@ -838,7 +796,7 @@ The following command can be scheduled. It executes the ```SharePoint_Synchroniz ### Deploy configuration The configuration is written to the database using the -[ Deploy Configuration Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md). +[Deploy Configuration Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md). ### Test diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md index 52ce4badfe..88b15867cb 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md @@ -7,7 +7,7 @@ sidebar_position: 100 # Write a PowerShell Script for Provisioning This guide shows how to write a PowerShell script used by the -[ PowerShellProv ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md) connector. +[PowerShellProv](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md) connector. ## Structure of a PowerShell Script @@ -87,8 +87,7 @@ The previous parameter `$order` is an object corresponding to the following prov ``` { - "ProvisioningOrdersList": [ - { + "ProvisioningOrdersList": [{ "AssignedResourceTypeId": "3930001", "ChangeType": "Added", "WorkflowInstanceId": "81", @@ -119,8 +118,7 @@ The previous parameter `$order` is an object corresponding to the following prov "firstName": "James", "lastName": "Bond" } - } - ] + }] } ``` @@ -185,7 +183,7 @@ This is the last part of the function: ``` -Define how to send logs to Identity Manager +**Define how to send logs to Identity Manager** The three methods to log in Identity Manager are: @@ -199,7 +197,7 @@ Now that the function has been defined, the main code of the script can be writt ### Write the main code of the script -Read the options parameter from the standard input +**Read the options parameter from the standard input** The options parameter isn't mandatory in the JSON file. If it isn't provided, don't perform this step. @@ -213,7 +211,7 @@ $options.Message # -> Hello ``` -Rest of the main script +**Rest of the main script** In general, this part contains the code to connect to the external system and executes the `Usercube-Visit-Orders` script. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md index e2deef3a35..5041d66570 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md @@ -7,7 +7,7 @@ sidebar_position: 130 # Write a Robot Framework Script This guide shows how to write a Robot Framework script that will be used by -[ Robot Framework ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md). +[Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md). ## Structure of a Robot Framework Script @@ -160,7 +160,7 @@ for additional information. | Keyword | Details | | -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----- | ------- | | Catch Keyword | **Arguments** `Keyword`: Keyword `*args` **Description** Launches `Keyword` with the given arguments `*args` if the keyword launched by `Try Keyword` failed. If `Try Keyword` was not called, this keyword will not do anything. `Catch Keyword` should always be called right after `Try Keyword`. **Example** Try to connect to `Usercube.com`. If the connection fails, restart the browser and try to connect to `Usercube.com`: `Connect to URL Try Keyword Go To Usercube.com Catch Keyword Restart Browser At URL Usercube.com` | -| Generate Password | **Description** Generates a password based on the [ Password Reset Settings ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) associated to the [Resource Type Mappings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/index.md) being provisioned. `Send Password Notification` should always be called after `Generate Password`, preferably right after the password is used. If `Send Password Notification` is not called before the provisioning of the resource is over, it will automatically be called. If multiple passwords should be generated, `Send Password Notification` should be called after each password generation. **Returns** `Password`: string | +| Generate Password | **Description** Generates a password based on the [Password Reset Settings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) associated to the [Resource Type Mappings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/index.md) being provisioned. `Send Password Notification` should always be called after `Generate Password`, preferably right after the password is used. If `Send Password Notification` is not called before the provisioning of the resource is over, it will automatically be called. If multiple passwords should be generated, `Send Password Notification` should be called after each password generation. **Returns** `Password`: string | | Get Secure Data | **Arguments** `Attribute`: string `Erase Data`: boolean **Description** Retrieves the secured option `Attribute` from the connector configuration. If `Erase Data` is set to true, the secured option is deleted once it is read. **Example** Get Login option and erase it: ```Get Secure Data | Login | True``` | | Launch Provisioning | **Description** Launches the provisioning defined by the provisioning orders. This keyword is required for any provisioning to happen. | | Log Debug | **Arguments** `Message`: string **Description** Logs `Message` at the `Debug` log level. **Example** Log a keyword failure message: `Log Debug The keyword has failed` | @@ -295,7 +295,7 @@ and `Generate Password` are exceptions. prompt. As an example, if the script requires a `Login` and `Password` attribute : `{"Login":"login","Password":"password"}` - `Generate Password`: This keyword expects a file that contains the - [ Password Reset Settings ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) + [Password Reset Settings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) associated to the provisioned [Resource Type Mappings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/index.md). The easiest way to enable the `Generate Password` keyword is as follow: @@ -369,7 +369,7 @@ We define all the custom functions which we will use to provision the external s - `Write Header`: defines the header to write in the CSV and calls `Write Data` to write it. - `Open Telnet Connection`: opens the Telnet connection to the external system using the login and the password defined in the - [ Robot Framework ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md) attribute in + [Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md) attribute in `appsettings.agent.json`, as well as the IP address defined in the `Variables` section. ``` diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-sync-powershell-script/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-sync-powershell-script/index.md index 7942e29dbe..416dad1c42 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-sync-powershell-script/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-sync-powershell-script/index.md @@ -7,6 +7,6 @@ sidebar_position: 110 # Write a PowerShell Script for Synchronization This guide shows how to write a PowerShell script used by the -[ PowerShellSync ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellsync/index.md) connector. +[PowerShellSync](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellsync/index.md) connector. The documentation is not yet available for this page and will be completed in the near future. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-ticket-template/index.md b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-ticket-template/index.md index 66d4010a0b..5aeab453a1 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-ticket-template/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-ticket-template/index.md @@ -64,7 +64,7 @@ messages can be shown if several changes meet the condition. Please create a resource "{{ResourceType}}" for user {{Username}}. -For more information on the user, see: {{UsercubeProfileLink}} +**For more information on the user, see: {{UsercubeProfileLink}}** {{#ifCond ProvisioningOrder.ChangeType '==' 'Deleted'}} To delete the account, please contact the IT team. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/index.md b/docs/identitymanager/6.2/integration-guide/connectors/index.md index f8b7be3541..1216e38d6b 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/index.md @@ -89,7 +89,7 @@ Identity Manager's connectors all operate on the same basic principles. Technica - A connection describes the technology used that enables data to flow back and forth between Identity Manager and the managed system; See the - [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional + [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. > We want to use a connection `Directory/Active Directory` to perform synchronization and @@ -113,7 +113,7 @@ Identity Manager's connectors all operate on the same basic principles. Technica - The intent of resources within the managed system is made clear by categorizing resources into resource types. See the [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) and - [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topics for additional + [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topics for additional information. > We categorize AD resources into distinct resource types: `AD User (nominative)` for basic @@ -144,7 +144,7 @@ for additional information. | Connector | Description | Synchronization | Provisioning | | ------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- | ------------ | | Active Directory | Exports and fulfills data from/to an Active Directory instance. See the [Active Directory](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/activedirectory/index.md) topic for additional information. | √ | √ | -| Azure | Exports Azure resources, role definitions and role assignments. See the [ Azure ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/azure/index.md) topic for additional information. | √ | X | +| Azure | Exports Azure resources, role definitions and role assignments. See the [Azure](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/azure/index.md) topic for additional information. | √ | X | | Microsoft Entra ID (formerly Microsoft Azure AD) | Exports and fulfills data from/to a Microsoft Entra ID instance. See the Microsoft Entra ID, [For Microsoft Entra ID](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/create-connector/entra-ID/index.md), and [For Microsoft Entra ID](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/setup-incremental-sync/entra-ID/index.md) topics for additional information. | √ | X | | CSV | Exports data from a CSV file. See the [CSV](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/csv/index.md) topic for additional information. | √ | X | | EasyVista | Exports data from an EasyVista-compliant system. See the [EasyVista](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvista/index.md) topic for additional information. | √ | √ | @@ -160,17 +160,17 @@ for additional information. | Microsoft Exchange | Exports data from a Microsoft Exchange instance. See the [Microsoft Exchange](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftexchange/index.md) topic for additional information. | √ | √ | | OData | Exports entities from an OData instance. See the [OData](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/odata/index.md) topic for additional information. | √ | X | | OpenLDAP | Exports and fulfills from/to an OpenLDAP directory. See the [OpenLDAP](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/openldap/index.md) topic for additional information. | √ | √ | -| PowerShell | Executes PowerShell scripts to generate CSV source files from otherwise unsupported sources. See the [PowerShellProv](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md), [Write a PowerShell Script for Provisioning](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md), and [ Fulfill Microsoft Exchange via PowerShell ](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/powershell-fulfill/index.md) topics for additional information. | X | √ | +| PowerShell | Executes PowerShell scripts to generate CSV source files from otherwise unsupported sources. See the [PowerShellProv](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md), [Write a PowerShell Script for Provisioning](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md), and [Fulfill Microsoft Exchange via PowerShell](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/powershell-fulfill/index.md) topics for additional information. | X | √ | | RACF | Exports data from a RACF file. See the [RACF](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/racf/index.md) topic for additional information. | √ | X | -| Robot Framework | Executes Robot Framework scripts to fulfill data to external systems. See the [Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md), [ Write a Robot Framework Script ](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md), [Interact with a Web Page via Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/interact-web-page-robotframework/index.md), and [Interact with a GUI Application via Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/interact-gui-robotframework/index.md) topics for additional information. | X | √ | +| Robot Framework | Executes Robot Framework scripts to fulfill data to external systems. See the [Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md), [Write a Robot Framework Script](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md), [Interact with a Web Page via Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/interact-web-page-robotframework/index.md), and [Interact with a GUI Application via Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/interact-gui-robotframework/index.md) topics for additional information. | X | √ | | SAP | Exports and fulfills data from/to an SAP system. See the [SAP Netweaver](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sapnetweaver/index.md) topic for additional information. | √ | X | | SAP ERP 6.0 | Exports and fulfills data from/to an SAP ERP 6.0 system. See the [SAP ERP 6.0 and SAP S4/HANA](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/saperp6/index.md) topics for additional information. | √ | √ | -| SCIM | Exports and fulfills data from/to a SCIM-compliant web application. See the [SCIM](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/scim/index.md), [ Export CyberArk Data via SCIM ](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md) and [ Provision Salesforce Users' Profiles via SCIM ](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md) topics for additional information. | √ | √ | +| SCIM | Exports and fulfills data from/to a SCIM-compliant web application. See the [SCIM](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/scim/index.md), [Export CyberArk Data via SCIM](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md) and [Provision Salesforce Users' Profiles via SCIM](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md) topics for additional information. | √ | √ | | ServiceNow Entity Management | Manages ServiceNow entities. See the [ServiceNow](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) topic for additional information. | √ | √ | | ServiceNow Ticket | Creates tickets in ServiceNow. See the [ServiceNowTicket](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowticket/index.md) topic for additional information. | X | √ | | SharedFolder | Scans a Windows file directory and exports a list of folders, files, users and their associated permissions. See the [SharedFolders](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharedfolder/index.md) topic for additional information. | √ | X | | SharePoint | Exports a SharePoint's list of objects, users, groups, roles and their relationships. See the [SharePoint](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharepoint/index.md) and [Set up SharePoint's Export and Synchronization](/docs/identitymanager/6.2/integration-guide/connectors/configuration-details/sharepoint-export/index.md) topics for additional information. | √ | √ | | SQL | Exports data from various Database Management Systems. See the [Sql](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sql/index.md) topic for additional information. | √ | X | -| SQL Server Entitlements | Exports server and database principals from Microsoft SQL Server. See the [ Sql Server Entitlements ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md) topic for additional information. | √ | X | -| Top Secret | Exports the Top Secret (TSS) users and profiles. See the [ Top Secret ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/topsecret/index.md) topic for additional information. | √ | X | -| Workday | Exports data from a Workday instance. See the [ Workday ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/workday/index.md) topic for additional information. | √ | X | +| SQL Server Entitlements | Exports server and database principals from Microsoft SQL Server. See the [Sql Server Entitlements](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md) topic for additional information. | √ | X | +| Top Secret | Exports the Top Secret (TSS) users and profiles. See the [Top Secret](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/topsecret/index.md) topic for additional information. | √ | X | +| Workday | Exports data from a Workday instance. See the [Workday](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/workday/index.md) topic for additional information. | √ | X | diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/activedirectory/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/activedirectory/index.md index 6b9f897e13..24c0cb35ef 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/activedirectory/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/activedirectory/index.md @@ -116,12 +116,11 @@ The identifier of the connection and thus the name of the subsection must: >                     "Connections": { >                     "ADExport": { >                     "Filter": "(objectclass=*)", ->                     "Servers": [ ->                     { +>                     "Servers": [>                     { >                     "Server": "contoso.server.com", >                     "BaseDN": "DC=contoso,DC=com" >                     } ->                     ], +>], >                     "AuthType": "Basic", >                     "AsAdLds": false, >                     "EnableSSL": true, @@ -158,16 +157,19 @@ This connector is meant to generate: ConnectionColumn and each property without it but used in an entity association; Any property can be exported in a specific format when specified. See the - [ References: Format for the EntityPropertyMapping ](/docs/identitymanager/6.2/integration-guide/connectors/entitypropertymapping-format/index.md) + [References: Format for the EntityPropertyMapping](/docs/identitymanager/6.2/integration-guide/connectors/entitypropertymapping-format/index.md) topic for additional information. - An additional file for each related table other than entries; - A cookie file named ``\_cookie.bin, containing the time of the last export in order to perform incremental exports. - **NOTE:** Most exports can be run in complete mode, where the CSV files will contain all + :::note + Most exports can be run in complete mode, where the CSV files will contain all entries, or in incremental mode, where CSV files will contain only the entries which have been modified since the last synchronization. + ::: + A task can use the IgnoreCookieFile boolean property, and a command line (with an executable) can use the option --ignore-cookies. @@ -235,8 +237,7 @@ written to the same CSV file. >                     ... >                     "Connections": { >                     "ADExport": { ->                     "Servers": [ ->                     { +>                     "Servers": [>                     { >                     "Server": "", >                     "BaseDN": "" >                     }, @@ -244,7 +245,7 @@ written to the same CSV file. >                     "Server": "", >                     "BaseDN": "" >                     } ->                     ], +>], >                     "AuthType": "", >                     "Login": "", >                     "Password": "", @@ -282,12 +283,11 @@ Same as for export, fulfill is configured through connections. >                     "Connections": { >                     ... >                     "ADFulfillment": { ->                     "Servers": [ ->                     { +>                     "Servers": [>                     { >                     "Server": "", >                     "BaseDN": "" >                     } ->                     ], +>], >                     "AuthType": "Basic", >                     "AsAdLds": "true", >                     "EnableSSL": true, @@ -337,16 +337,14 @@ appsettings.agent.json                 "Connections": {                 ...                 "ADFulfillment": { -                "Servers": [ -                { +                "Servers": [{                 "Server": "",                 "BaseDN": ""                 },                 {                 "Server": "",                 "BaseDN": "" -                } -                ], +                }],                 "AuthType": "Basic",                 "Login": "",                 "Password": "", @@ -400,7 +398,7 @@ topic for additional information on how to configure password reset settings. Data protection can be ensured through: - RSA encryption, configured in the appsettings.encrypted.agent.json file. See the - [ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) + [RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) topic for additional information. - An Azure Key Vault safe; See the [Azure Key Vault](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/azure/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/azure/index.md index 4c77818b66..2f16c5e56b 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/azure/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/azure/index.md @@ -10,7 +10,7 @@ This connector exports [Azure](https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-azure) resources, role definitions and assignments. -This page is about [ Azure ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/azure/index.md). +This page is about [Azure](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/azure/index.md). ![Package: Cloud/Azure](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/azure/packages_azure_v603.webp) @@ -28,12 +28,12 @@ and role assignments to CSV files. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "": { ... } } } @@ -130,9 +130,7 @@ This connector does not reset passwords. Data protection can be ensured through: -- [ - RSA Encryption - ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) configured in the ```appsettings.encrypted.agent.json``` file; +- [RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) configured in the ```appsettings.encrypted.agent.json``` file; - An [Azure Key Vault](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) safe; - A [CyberArk's AAM Credential Providers diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/csv/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/csv/index.md index 1fe642d660..b326170ab6 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/csv/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/csv/index.md @@ -8,7 +8,7 @@ sidebar_position: 40 This connector exports data from a [CSV file](https://en.wikipedia.org/wiki/Comma-separated_values). -This page is about [ CSV ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/csv/index.md). +This page is about [CSV](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/csv/index.md). ![Package: File/CSV](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/packages_csv_v603.webp) @@ -28,7 +28,7 @@ Identity Manager's format. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -65,10 +65,9 @@ The identifier of the connection and thus the name of the subsection must: > "Separator": ";", > "IsFileNameRegex": true, > "NumberOfLinesToSkip": 1, -> "ValuesToTrim": [ -> "*", +> "ValuesToTrim": [> "*", > "%" -> ] +>] > } > } > } @@ -81,7 +80,89 @@ The identifier of the connection and thus the name of the subsection must: | Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | | PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | | IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | -| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `$` first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | +| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `--- +title: "CSV" +description: "CSV" +sidebar_position: 40 +--- + +# CSV + +This connector exports data from a [CSV file](https://en.wikipedia.org/wiki/Comma-separated_values). + +This page is about [CSV](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/csv/index.md). + +![Package: File/CSV](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/packages_csv_v603.webp) + +## Overview + +Files in CSV format are commonly used to store information. + +## Prerequisites + +Implementing this connector requires the source file to be in CSV format. + +## Export + +This export copies the information found in a CSV file and transforms it into a new CSV file in the +Identity Manager's format. + +### Configuration + +This process is configured through a +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +the XML configuration, and in the `appsettings.agent.json > Connections` section: + +``` +appsettings.agent.json +{ + ... + "Connections": { + ... + "": { + ... + } + } +} +``` + +The identifier of the connection and thus the name of the subsection must: + +- be unique. +- not begin with a digit. +- not contain `<`, `>`, `:`, `"`, `/`, `\`, `|`, `?`, `*` and `_`. + +> For example: +> +> ``` +> appsettings.agent.json +> { +> ... +> "Connections": { +> ... +> "HRContoso": { +> "Path": "C:/identitymanagerContoso/Contoso/hr_conto(.*?).csv", +> "PathIncremental": "C:/identitymanagerContoso/Contoso/hr_delta_conto(.*?).csv", +> "Encoding": "UTF-16", +> "Separator": ";", +> "IsFileNameRegex": true, +> "NumberOfLinesToSkip": 1, +> "ValuesToTrim": [> "*", +> "%" +>] +> } +> } +> } +> ``` + +#### Setting attributes + +| Name | Details | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | +| PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | +| IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | + first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | | Encoding default value: UTF-8 | **Type** String **Description** Encoding of the input file. [See the list of available encodings](https://learn.microsoft.com/en-us/dotnet/api/system.text.encoding#see-the-list-of-available-encodings). | | NumberOfLinesToSkip default value: 0 | **Type** Int32 **Description** Number of lines to skip in order to reach the line used as data header. | @@ -113,8 +194,8 @@ This connector does not reset passwords. ### Credential protection This connector has no credential attributes, and therefore does not use -[](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), -nor a [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md). +[](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), +nor a [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md). Still, data protection can be ensured through an -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvista/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvista/index.md index 1be08980b1..3bb9dcb467 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvista/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvista/index.md @@ -39,7 +39,7 @@ It can also export any custom entity, provided that a view exists for it in Easy ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -218,9 +218,9 @@ topic to find out more on how to configure password reset settings. Data protection can be ensured through: -- [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), +- [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; - A [CyberArk's AAM Credential Providers ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvistaticket/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvistaticket/index.md index 4d62853307..a87d6d14a8 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvistaticket/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvistaticket/index.md @@ -10,7 +10,7 @@ This connector opens tickets in [EasyVista](https://wiki.easyvista.com/xwiki/bin/view/Documentation/?language=en) for manual provisioning. -This page is about [ EasyVista Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/easyvistaticket/index.md). +This page is about [EasyVista Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/easyvistaticket/index.md). ![Package: Ticket/EasyVista](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvistaticket/packages_easyvistaticket_v603.webp) @@ -34,7 +34,7 @@ Implementing this connector requires: ## Export This connector exports some of EasyVista entities, see the export capabilities of the -[ EasyVista ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/easyvista/index.md) connector. Some entities cannot be +[EasyVista](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/easyvista/index.md) connector. Some entities cannot be exported. ## Fulfill @@ -49,7 +49,7 @@ resource accordingly. See the [Entitlement Assignment](/docs/identitymanager/6.2/integration-guide/role-assignment/assignments-of-entitlements/index.md) topic to find out more on how to configure password reset settings. -See the fulfill capabilities of the [ EasyVista ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvista/index.md) connector. +See the fulfill capabilities of the [EasyVista](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvista/index.md) connector. > For example: > @@ -76,9 +76,9 @@ topic to find out more on how to configure password reset settings. Data protection can be ensured through: -- [ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +- [RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; - a [CyberArk's AAM Credential Providers ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/excel/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/excel/index.md index e21bc8879b..8824467719 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/excel/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/excel/index.md @@ -9,7 +9,7 @@ sidebar_position: 140 This connector exports datasheets from a [Microsoft Excel](https://www.microsoft.com/en-us/microsoft-365/excel) (XLSX) file. -This page is about [ Excel ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/excel/index.md). +This page is about [Excel](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/excel/index.md). ![Package: File/Microsoft Excel](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/excel/packages_excel_v603.webp) @@ -29,7 +29,7 @@ filtering out spreadsheets and trimming values if needed. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -63,19 +63,105 @@ The identifier of the connection and thus the name of the subsection must: > "Path": "C:/identitymanagerContoso/Contoso/hr_conto(.*?).xlsx", > "PathIncremental": "C:/identitymanagerContoso/Contoso/hr_delta_conto(.*?).xlsx", > "IsFileNameRegex": "true", -> "SheetOptions": [ +> "SheetOptions": [> { +> "SheetIgnored": "false", +> "NumberOfLinesToSkip": 1 +> }, > { +> "SheetIgnored": "true" +> } +>], +> "ValuesToTrim": [> "$", +> "%" +>] +> } +> } +> } +> ``` + +#### Setting attributes + +| Name | Details | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | +| PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | +| IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | +| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `--- +title: "Microsoft Excel" +description: "Microsoft Excel" +sidebar_position: 140 +--- + +# Microsoft Excel + +This connector exports datasheets from a +[Microsoft Excel](https://www.microsoft.com/en-us/microsoft-365/excel) (XLSX) file. + +This page is about [Excel](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/excel/index.md). + +![Package: File/Microsoft Excel](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/excel/packages_excel_v603.webp) + +## Overview + +Microsoft Excel files using the XLSX file format are commonly used to store information. + +## Prerequisites + +Implementing this connector requires the input file to be in the XLSX format. + +## Export + +This connector copies the information from an XLSX file into CSV files, one per spreadsheet, while +filtering out spreadsheets and trimming values if needed. + +### Configuration + +This process is configured through a +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +the XML configuration, and in the `appsettings.agent.json > Connections` section: + +``` +appsettings.agent.json +{ + ... + "Connections": { + ... + "": { + ... + } + } +} +``` + +The identifier of the connection and thus the name of the subsection must: + +- be unique. +- not begin with a digit. +- not contain `<`, `>`, `:`, `"`, `/`, `\`, `|`, `?`, `*` and `_`. + +> For example: +> +> ``` +> appsettings.agent.json +> { +> ... +> "Connections": { +> ... +> "HRContoso": { +> "Path": "C:/identitymanagerContoso/Contoso/hr_conto(.*?).xlsx", +> "PathIncremental": "C:/identitymanagerContoso/Contoso/hr_delta_conto(.*?).xlsx", +> "IsFileNameRegex": "true", +> "SheetOptions": [> { > "SheetIgnored": "false", > "NumberOfLinesToSkip": 1 > }, > { > "SheetIgnored": "true" > } -> ], -> "ValuesToTrim": [ -> "$", +>], +> "ValuesToTrim": [> "$", > "%" -> ] +>] > } > } > } @@ -88,7 +174,7 @@ The identifier of the connection and thus the name of the subsection must: | Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | | PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | | IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | -| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `$` first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | + first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | | | | | --- | --- | | SheetOptions optional | **Type** Sheet Option List **Description** List of options for each sheet of the input file. The first element of the list sets the options for the first sheet, the second element for the second sheet, etc. | @@ -133,7 +219,7 @@ This connector does not reset passwords. ### Credential protection This connector has no credential attributes, and therefore does not use -[ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), nor +[RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), nor a [CyberArk's AAM Credential Providers ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)Vault. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/googleworkspace/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/googleworkspace/index.md index 6b9bbaefa7..19dfd3067d 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/googleworkspace/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/googleworkspace/index.md @@ -9,7 +9,7 @@ sidebar_position: 70 This connector exports and fulfills users and groups from/to a [Google Workspace](https://developers.google.com/workspace) instance. -This page is about [ Google Workspace ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/googleworkspace/index.md). +This page is about [Google Workspace](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/googleworkspace/index.md). ![Package: Directory/Google Workspace](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/googleworkspace/packages_workspace_v603.webp) @@ -34,8 +34,11 @@ Implementing this connector requires: [Google's documentation](https://developers.google.com/workspace/guides/create-credentials#googles-documentation) Google's documentation to create the service account with the right impersonation. - _Remember,_ Google's documentation describes this procedure as optional, while the Google + :::tip + Remember, Google's documentation describes this procedure as optional, while the Google Workspace connector requires it. + ::: + ## Export @@ -45,7 +48,7 @@ and write the output to CSV files. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -166,7 +169,7 @@ This connector does not reset passwords. ### Credential protection This connector has no credential attributes, and therefore does not use -[ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), nor +[RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), nor a [CyberArk's AAM Credential Providers ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)Vault. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/homefolder/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/homefolder/index.md index af6c998440..c694a82331 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/homefolder/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/homefolder/index.md @@ -8,7 +8,7 @@ sidebar_position: 80 This connector exports [home folders](https://en.wikipedia.org/wiki/Home_directory)' content. -This page is about [ Home Folders ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/home-folders/index.md). +This page is about [Home Folders](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/home-folders/index.md). ![Package: Storage/Home Folders](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/homefolder/packages_homefolders_v603.webp) @@ -40,7 +40,7 @@ This connector performs only complete export, not incremental. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -71,10 +71,9 @@ The identifier of the connection and thus the name of the subsection must: > "Connections": { > ... > "HomeFolderExport": { -> "InputDirectories": [ -> "C:/ContosoFolder", +> "InputDirectories": [> "C:/ContosoFolder", > "C:/ContosoFolder2", -> ], +>], > "Domain": "Windows", > "Interactive": true, > "Login": "Contoso", @@ -128,9 +127,9 @@ This connector does not reset passwords. Data protection can be ensured through: -- [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), +- [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)safe; -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Home Folder's `Login` and `Password`. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/index.md index 36dc252baf..ef96ad6a50 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/index.md @@ -13,27 +13,27 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills users and groups from/to an Active Directory instance. -- [ Azure ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/azure/index.md) +- [Azure](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/azure/index.md) Exports Azure resources, role definitions and assignments. -- [ CSV ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/csv/index.md) +- [CSV](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/csv/index.md) Exports data from a CSV file. -- [ EasyVista ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvista/index.md) +- [EasyVista](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvista/index.md) Exports and fulfills users from/to an EasyVista-compliant system. -- [ EasyVista Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvistaticket/index.md) +- [EasyVista Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/easyvistaticket/index.md) Opens tickets in EasyVista for manual provisioning. -- [ Google Workspace ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/googleworkspace/index.md) +- [Google Workspace](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/googleworkspace/index.md) Exports and fulfills users and groups from/to a Google Workspace instance. -- [ Home Folder ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/homefolder/index.md) +- [Home Folder](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/homefolder/index.md) Exports home folders' content. @@ -49,7 +49,7 @@ organization's systems. Here is a list of reference connectors: Generates JSON files for each provisioning order. -- [ LDAP ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldap/index.md) +- [LDAP](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldap/index.md) Exports and fulfills entries from/to a LDAP-compliant system. @@ -61,15 +61,15 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills user and groups from/to a Microsoft Entra ID instance. -- [ Microsoft Excel ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/excel/index.md) +- [Microsoft Excel](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/excel/index.md) Exports datasheets from a Microsoft Excel (XLSX) file. -- [ Microsoft Exchange ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftexchange/index.md) +- [Microsoft Exchange](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftexchange/index.md) Exports mailboxes from a Microsoft Exchange instance. -- [ OData ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/odata/index.md) +- [OData](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/odata/index.md) Exports and fulfills entries from/to an OData instance. @@ -77,23 +77,23 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills entries from/to an Okta instance. -- [ OpenLDAP ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/openldap/index.md) +- [OpenLDAP](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/openldap/index.md) Exports and fulfills entries from/to an OpenLDAP directory. -- [ PowerShellProv ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md) +- [PowerShellProv](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md) Writes to an external system via a PowerShell script. -- [ PowerShellSync ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellsync/index.md) +- [PowerShellSync](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellsync/index.md) Exports data from an external system via a Powershell script. -- [ RACF ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/racf/index.md) +- [RACF](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/racf/index.md) Exports users and profiles from a RACF file. -- [ Robot Framework ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md) +- [Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md) Writes to an external system via a Robot Framework script. @@ -101,7 +101,7 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills users and roles from/to a SAP ERP 6.0 or SAP S4/HANA instance. -- [ SAP Netweaver ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sapnetweaver/index.md) +- [SAP Netweaver](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sapnetweaver/index.md) Exports and fulfills users and roles from/to a SAP Netweaver instance. @@ -109,15 +109,15 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills entities from/to a SCIM-compliant application. -- [ ServiceNow ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) +- [ServiceNow](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) Exports and fulfills any data from/to a ServiceNow CMDB. -- [ ServiceNowTicket ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowticket/index.md) +- [ServiceNowTicket](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowticket/index.md) Opens tickets in ServiceNow for manual provisioning. -- [ SharedFolders ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharedfolder/index.md) +- [SharedFolders](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharedfolder/index.md) Exports users and permissions from Windows shared folders. @@ -125,18 +125,18 @@ organization's systems. Here is a list of reference connectors: Exports sites, folders, groups and permissions from a SharePoint instance. -- [ Sql ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sql/index.md) +- [Sql](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sql/index.md) Exports data from one of various Database Management Systems. -- [ Sql Server Entitlements ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md) +- [Sql Server Entitlements](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md) Exports entitlements from Microsoft SQL Server. -- [ Top Secret ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/topsecret/index.md) +- [Top Secret](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/topsecret/index.md) Exports users and profiles from a Top Secret (TSS) instance. -- [ Workday ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/workday/index.md) +- [Workday](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/workday/index.md) Exports users and groups from a Workday instance. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/internalresources/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/internalresources/index.md index 3341e20d7e..c97986fbc3 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/internalresources/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/internalresources/index.md @@ -13,8 +13,8 @@ This page is about: - Ticket/Identity Manager - Ticket/Identity Manager And Create/Update/Delete resources -See the [ Manual Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket/index.md) and -[ Manual Ticket and CUD Resources ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket-and-cud-resources/index.md) +See the [Manual Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket/index.md) and +[Manual Ticket and CUD Resources](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket-and-cud-resources/index.md) topics for additional information. ![Package: Ticket/identitymanager](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalresources/packages_identitymanagerticket_v603.webp) @@ -22,5 +22,5 @@ topics for additional information. ![Package: Ticket/identitymanager And Create/Update/Delete resources](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalresources/packages_identitymanagerticketcud_v603.webp) See the -[ Provision Manually ](/docs/identitymanager/6.2/user-guide/administrate/provisioning/manual-provisioning/index.md) +[Provision Manually](/docs/identitymanager/6.2/user-guide/administrate/provisioning/manual-provisioning/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/internalworkflow/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/internalworkflow/index.md index f825e1c12e..09434dedfa 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/internalworkflow/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/internalworkflow/index.md @@ -9,7 +9,7 @@ sidebar_position: 90 This connector triggers workflows in Identity Manager for a system's provisioning orders. This page is about Identity Manager Internal Workflow. See the -[ Workflow ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/workflow/index.md) topic for additional information. +[Workflow](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/workflow/index.md) topic for additional information. ![Package: Usercube/Workflow](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalworkflow/packages_workflow_v603.webp) @@ -29,7 +29,7 @@ message and body. Implementing this connector requires: - Knowledge of the basic principles of Identity Manager's workflows. See the - [ Workflow ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/workflow/index.md) topic for additional information. + [Workflow](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/workflow/index.md) topic for additional information. - Configuring in Identity Manager the workflows for the arrival of a new user, the update of a pre-existing user, and for the departure of a user @@ -64,7 +64,10 @@ appsettings.agent.json } ``` -**NOTE:** The identifier of the connection and thus the name of the subsection must: +:::note +The identifier of the connection and thus the name of the subsection must: +::: + - be unique - not begin with a digit @@ -94,7 +97,7 @@ The configuration setting must have the following attributes: | ------------------------- | ------ | ------------------------------------------------------- | | WorkflowJsonPath required | String | Path of the JSON file used to configure this connector. | -WorkflowJsonPath +**WorkflowJsonPath** The file specified in WorkflowJsonPath must have a specific structure. @@ -110,8 +113,7 @@ FulfillInternalWorkflow.json   "NavigationToTargetEntity": "User",   "NavigationTargetToSource": "Records",   "TargetEntityTypeIdentifier": "Directory_User", -  "FulfillInternalWorkflowConfigurations": [ -    { +  "FulfillInternalWorkflowConfigurations": [{       "ChangeType": "Added",       "Model": {         "WorkflowIdentifier": "Directory_User_StartInternal", @@ -123,13 +125,10 @@ FulfillInternalWorkflow.json         "LastName",         "FirstName",         "ContractStartDate", -        "ContractEndDate" -      ], -      "NavigationProperties": [ -        "Category", +        "ContractEndDate"], +      "NavigationProperties": ["Category",         "Service", -        "Site" -      ] +        "Site"]     },     {       "ChangeType": "Modified", @@ -139,10 +138,8 @@ FulfillInternalWorkflow.json         "Message": "workflow Update: $Resource:LastName$ - $Resource:FirstName$, EmployeeId: $Resource:EmployeeId$",         "Body": "body of workflow Update for  $Resource:EmployeeId$ "       }, -      "ScalarProperties": [ -        "FirstName", -        "LastName" -      ] +      "ScalarProperties": ["FirstName", +        "LastName"]     },     {       "ChangeType": "Deleted", @@ -152,19 +149,20 @@ FulfillInternalWorkflow.json         "Message": "workflow end Directory_Person for $Resource:LastName$ - $Resource:FirstName$",         "Body": "body if workflow end for $Resource:LastName$ - $Resource:FirstName$"       }, -      "DateProperties": [ -        "ContractEndDate" -      ] +      "DateProperties": ["ContractEndDate"]     }   ] } ``` -_Remember,_ as workflows' aspects are computed during the fulfill process, all the required +:::tip +Remember, as workflows' aspects are computed during the fulfill process, all the required properties must be present in the provisioning order and in this JSON file. +::: + -Setting attributes +**Setting attributes** The table below summarizes the setting attributes. @@ -175,8 +173,8 @@ The table below summarizes the setting attributes. | DateProperties optional | DateTime List | List of the properties corresponding to the dates that the workflow is to fill in. **NOTE:** When not specified and ChangeType is set to Deleted, then the dates are filled with the workflow's execution date. | | Message required | String | Message sent to the accounts impacted by the workflow. | | NavigationProperties optional | String List | List of the navigation properties to get from the provisioning orders in order to complete the workflow. | -| NavigationTargetToSource optional | String | Navigation property that makes the link from the target entity type to the source entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[ Position Change via Records ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. | -| NavigationToTargetEntity optional | String | Navigation property that makes the link from the source entity type to the target entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[ Position Change via Records ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. | +| NavigationTargetToSource optional | String | Navigation property that makes the link from the target entity type to the source entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[Position Change via Records](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. | +| NavigationToTargetEntity optional | String | Navigation property that makes the link from the source entity type to the target entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[Position Change via Records](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. | | ScalarProperties optional | String List | List of the scalar properties to get from the provisioning orders in order to complete the workflow. | | SourceEntityIdentifier required | String | Identifier of the source entity type of the workflow. | | TransitionIdentifier required | String | Identifier of the workflow's transition after execution. | @@ -199,15 +197,15 @@ Internal Workflow. See the following to figure out authentication. -Password reset +**Password reset** This connector does not reset passwords. -Credential protection +**Credential protection** This connector has no credential attributes, and therefore does not use RSA encryption, nor a CyberArk Vault. See the -[ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) and +[RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) and [CyberArk's AAM Credential Providers ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md) topics for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/json/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/json/index.md index e35195ca41..29bff55a9b 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/json/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/json/index.md @@ -9,7 +9,7 @@ sidebar_position: 110 This connector generates [JSON](https://www.json.org/json-en.html) files for each provisioning order. -This page is about [ JSON ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/json/index.md) +**This page is about [JSON](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/json/index.md)** ![Package: Custom/JSON](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/json/packages_json_v603.webp) diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldap/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldap/index.md index 5ed2ba61ef..cbec893362 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldap/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldap/index.md @@ -10,10 +10,10 @@ This connector exports and fulfills entries from/to an [LDAP](https://ldap.com/) This page is about: -- [ Generic LDAP ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-ldap/index.md); -- [ Oracle LDAP ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-ldap/index.md); -- [ Apache Directory ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/apache-directory/index.md); -- [ Red Hat Directory Server ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/red-hat-directory-server/index.md). +- [Generic LDAP](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-ldap/index.md); +- [Oracle LDAP](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-ldap/index.md); +- [Apache Directory](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/apache-directory/index.md); +- [Red Hat Directory Server](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/red-hat-directory-server/index.md). ![Package: Directory/Generic LDAP](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/packages_ldapgeneric_v603.webp) @@ -41,7 +41,7 @@ connector's configuration. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -71,8 +71,7 @@ The identifier of the connection and thus the name of the subsection must: > "Connections": { > ... > "LDAPExport": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "contoso.server.com", > "AuthType": "Basic", > "Login": "Contoso", @@ -80,13 +79,12 @@ The identifier of the connection and thus the name of the subsection must: > "Controls": [ > "PagedResult", > "DomainScope" -> ], +>], > "NoSigning": false, > "EnableSSL": true > } > ], -> "Tables": [ -> { +> "Tables": [> { > "Table": "entries", > "BaseDN": "DC=contoso,DC=com", > "Filter": "(objectclass=*)", @@ -98,7 +96,7 @@ The identifier of the connection and thus the name of the subsection must: > "Filter": "(&(member=*)(objectclass=groupOfEntries))", > "Scope": "Subtree" > } -> ], +>], > "SizeLimit": 5000, > "TimeLimit": 5, > "TimeOut": 30 @@ -153,7 +151,7 @@ with one column for each property having a `ConnectionColumn` and each property in an entity association. Any property can be exported in a specific format when specified. See the -[ References: Format for the EntityPropertyMapping ](/docs/identitymanager/6.2/integration-guide/connectors/entitypropertymapping-format/index.md) +[References: Format for the EntityPropertyMapping](/docs/identitymanager/6.2/integration-guide/connectors/entitypropertymapping-format/index.md) topic for additional information. > With the previous example and the following entity type mapping: @@ -202,20 +200,18 @@ Same as for export, fulfill is configured through connections. > "Connections": { > ... > "LDAPFulfillment": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "contoso.server.com", > "AuthType": "Basic", > "Login": "Contoso", > "Password": "ContOso$123456789" > } -> ], -> "Tables": [ -> { +>], +> "Tables": [> { > "Table": "entries", > "BaseDN": "DC=contoso,DC=com" > } -> ], +>], > "IsLdapPasswordReset": true, > "AsAdLds": false > } @@ -285,9 +281,9 @@ topic to learn how to configure password reset settings. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store LDAP's `Login`, `Password` and `Server`. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldif/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldif/index.md index 58c94c9766..2dc8365763 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldif/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldif/index.md @@ -9,7 +9,7 @@ sidebar_position: 130 This connector exports entries from an [LDIF](https://en.wikipedia.org/wiki/LDAP_Data_Interchange_Format) file. -This page is about [ LDIF ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/ldif/index.md). +This page is about [LDIF](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/ldif/index.md). ![Package: Directory/LDIF](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldif/packages_ldif_v603.webp) @@ -32,7 +32,7 @@ This connector generates a CSV file from an input LDIF file containing entries t ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -66,7 +66,7 @@ The identifier of the connection and thus the name of the subsection must: > "LDIFFile": "C:/identitymanagerContoso/Contoso/contoso.ldif", > "FilterAttribute": "objectClass", > "FilterValues": "user organizationalUnit", -> "Attributes": [ "dn", "objectClass", "cn", "SAMAccountName", "Name", "userprincipalname" ], +> "Attributes": ["dn", "objectClass", "cn", "SAMAccountName", "Name", "userprincipalname"], > "LdifEncoding": "UTF-8", > } > } @@ -104,8 +104,8 @@ There are no fulfill capabilities for this connector. ### Credential protection This connector has no credential attributes, and therefore does not use -[](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), -nor a [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)Vault. +[](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), +nor a [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)Vault. Still, data protection can be ensured through an -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftentraid/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftentraid/index.md index 73239a7e07..9f5c3be69c 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftentraid/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftentraid/index.md @@ -46,7 +46,7 @@ the list of configured attributes in the associated entity type mapping to a CSV ### Configuration This process is configured through a connection in the UI and/or the XML configuration. See the -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. Or in the `appsettings.agent.json > Connections` section: @@ -67,7 +67,10 @@ appsettings.agent.json } ``` -**NOTE:** The identifier of the connection and thus the name of the subsection must: +:::note +The identifier of the connection and thus the name of the subsection must: +::: + - be unique - not begin with a digit @@ -95,7 +98,7 @@ appsettings.agent.json } ``` -Setting attributes +**Setting attributes** The table below summarizes the setting attributes of Microsoft Entra ID connector. @@ -116,8 +119,11 @@ This connector is meant to generate the following files: - `_directoryobjects.csv` containing the property values from the entity type mapping associated with the connection. - **NOTE:** The values are exported from the entities listed in the attribute `C0` of the + :::note + The values are exported from the entities listed in the attribute `C0` of the `EntityTypeMapping`. + ::: + For example, with the following configuration: @@ -144,10 +150,13 @@ This connector is meant to generate the following files: ... ``` - _Remember,_ attributes described as "Supported only on the Get `` API" in the + :::tip + Remember, attributes described as "Supported only on the Get `` API" in the [Microsoft Graph API](https://docs.microsoft.com/en-us/graph/overview?view=graph-rest-1.0) documentation cannot be retrieved through this connector. The export task will raise an error if these attributes are used in your EntityTypeMapping. + ::: + This connector supports [Microsoft Entra ID Schema Extensions](https://docs.microsoft.com/en-us/previous-versions/azure/ad/graph/howto/azure-ad-graph-api-directory-schema-extensions) @@ -168,17 +177,23 @@ This connector is meant to generate the following files: Where command can be `insert`, `update` or `delete`; groupId is the id of the group; id is the id of the group member (in this context). - **NOTE:** Only the navigation properties `members` and `owners` are exported. These navigation + :::note + Only the navigation properties `members` and `owners` are exported. These navigation properties are automatically detected according to the data exported. + ::: + - one file `_cookie_.bin` per entity, containing an URL with a `delta token` useful for incremental export. > For example `MicrosoftEntraIDExport_cookie_user.bin` - _Remember,_ most exports can be run in complete mode, where the CSV files will contain all + :::tip + Remember, most exports can be run in complete mode, where the CSV files will contain all entries, or in incremental mode, where CSV files will contain only the entries which have been modified since the last synchronization. + ::: + A task can use the IgnoreCookieFile boolean property, and a command line (with an executable) can use the option --ignore-cookies. @@ -224,7 +239,7 @@ appsettings.agent.json } ``` -Setting attributes +**Setting attributes** The table below summarizes the setting attributes. @@ -245,17 +260,17 @@ groups' memberships via the UI. See the following to figure out authentication. -Password reset +**Password reset** See the[appsettings.agent](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic for additional information on how to configure password reset settings. -Credential protection +**Credential protection** Data protection can be ensured through: -- [ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +- [RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), configured in the `appsettings.encrypted.agent.json` file - An [Azure Key Vault](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) safe; diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftexchange/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftexchange/index.md index 972d2f534d..e215d52d47 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftexchange/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/microsoftexchange/index.md @@ -10,7 +10,7 @@ This connector exports mailboxes from a [Microsoft Exchange](https://support.microsoft.com/en-us/office/what-is-a-microsoft-exchange-account-47f000aa-c2bf-48ac-9bc2-83e5c6036793) instance. -This page is about [ Microsoft Exchange ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/microsoft-exchange/index.md). +This page is about [Microsoft Exchange](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/microsoft-exchange/index.md). ![Package: Server/Microsoft Exchange](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftexchange/packages_exchange_v603.webp) @@ -47,7 +47,7 @@ script used by Identity Manager. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -132,13 +132,13 @@ This connector can create, update or delete[ mailboxes](https://docs.microsoft.com/en-us/powershell/module/exchange/get-mailbox?view=exchange-ps)' addresses (PrimarySmtpAddress, ProxyAddress) and mailbox databases. -As it works via a PowerShell script. See the [ PowerShellProv ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md) topic +As it works via a PowerShell script. See the [PowerShellProv](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md) topic for additional information. Identity Manager's PowerShell script can be found in the SDK in `Usercube.Demo/Scripts/Fulfill-Exchange.ps1`. -See the [ PowerShellProv ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md) topic for additional information. +See the [PowerShellProv](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md) topic for additional information. ## Authentication @@ -154,15 +154,15 @@ This connector does not reset passwords. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; -- A [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)able to store +- A [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)able to store Microsoft Exchange's `Server`. This kind of credential protection can be used only for the export process. The fulfill process' credentials can be protected by following the instructions for the -PowerShellProv connector. See the [ PowerShellProv ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md) topic for +PowerShellProv connector. See the [PowerShellProv](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md) topic for additional information diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/odata/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/odata/index.md index bbb9df2719..1cb85d6eca 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/odata/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/odata/index.md @@ -8,7 +8,7 @@ sidebar_position: 160 This connector exports and fulfills data from/to an [OData](https://www.odata.org/) instance. -This page is about [ OData ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/odata/index.md). +This page is about [OData](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/odata/index.md). ![Package: Custom/OData](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/odata/packages_odata_v603.webp) @@ -35,7 +35,7 @@ based on the connector's metadata. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -93,14 +93,14 @@ The identifier of the connection and thus the name of the subsection must: This connector requires from the XML configuration: - An - [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md): + [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md): - with the same identifier as the related entity type; - related to the right connector; - related to a connection table named `_`; - with properties whose connection columns represent the property's path in the entity, see the configuration example below; - An - [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md): + [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md): - with the same identifier as the related entity association; - with its `Column1` in the format `UsercubeNav_:` for the related property in the association; diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/okta/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/okta/index.md index 0704b1b13a..e3fe2743c0 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/okta/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/okta/index.md @@ -38,8 +38,11 @@ In order to do so you must connect to the Okta administration console `https://myexample-admin.okta.com` and create a new Netwrix Identity Manager (formerly Usercube) user. -**NOTE:** For some Okta deployments it is possible to create a service account or to Manage an Okta +:::note +For some Okta deployments it is possible to create a service account or to Manage an Okta user account as a service account. +::: + **Step 2 –** Assign administrator role and permissions to the Netwrix Identity Manager (formerly Usercube) user. @@ -276,8 +279,8 @@ topic for additional information. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the appsettings.encrypted.agent.json file -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) -- A [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)Vault able to +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +- A [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)Vault able to store Okta Login, Password, Account and Server. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/openldap/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/openldap/index.md index 0e399d8c68..349aeefd41 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/openldap/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/openldap/index.md @@ -9,7 +9,7 @@ sidebar_position: 180 This connector exports and fulfills entries from/to an [OpenLDAP](https://www.openldap.org/) directory. -This page is about [ OData ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/odata/index.md). +This page is about [OData](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/odata/index.md). ![Package: Directory/Open LDAP](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/openldap/packages_ldapopen_v603.webp) @@ -27,7 +27,7 @@ Implementing this connector requires: - enabling SyncProv Overlay for the OpenLDAP server. To perform a complete export without the SyncProv Overlay enabled, use rather the - [ LDAP ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldap/index.md) connector. + [LDAP](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldap/index.md) connector. ## Export @@ -36,7 +36,7 @@ This connector exports to CSV files the content of an OpenLDAP Directory. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -108,7 +108,7 @@ Output folder: `ConnectionColumn` and each property without it but used in an entity association; Any property can be exported in a specific format when specified. See the - [ References: Format for the EntityPropertyMapping ](/docs/identitymanager/6.2/integration-guide/connectors/entitypropertymapping-format/index.md) + [References: Format for the EntityPropertyMapping](/docs/identitymanager/6.2/integration-guide/connectors/entitypropertymapping-format/index.md) topic for additional information. - a CSV file for each `ConnectionTable` in a related `EntityTypeMapping` or @@ -243,12 +243,12 @@ provisioning order, through the `ResourceType`'s `ArgumentsExpression`. Data protection can be ensured through: -- [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), +- [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; - an - [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md)[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) + [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md)[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; - a - [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) + [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store OpenLDAP's `Login`, `Password` and `Server`. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md index b9940082da..c34b35e41c 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellprov/index.md @@ -9,7 +9,7 @@ sidebar_position: 190 This connector writes to an external system via a [PowerShell](https://learn.microsoft.com/en-us/powershell/scripting/overview) script. -This page is about [ PowerShellProv ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/powershellprov/index.md). +This page is about [PowerShellProv](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/powershellprov/index.md). ![Package: Custom/PowerShellProv](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/packages_powershellprov_v603.webp) @@ -49,7 +49,7 @@ linked to the managed system. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -116,7 +116,7 @@ Data protection can be ensured through: - [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | -------------------- | ------------------------------------------------- | @@ -124,7 +124,7 @@ Data protection can be ensured through: | Password (optional) | `Connections----Options--Password` | | PowerShellScriptPath | `Connections----PowerShellScriptPath` | -- A [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- A [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store the attributes from the `Options` section that are compatible with CyberArk. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellsync/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellsync/index.md index 5218ac9b93..d502aa311c 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellsync/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/powershellsync/index.md @@ -9,7 +9,7 @@ sidebar_position: 200 This connector exports data from an external system via a [PowerShell](https://learn.microsoft.com/en-us/powershell/scripting/overview) script. -This page is about [ PowerShellSync ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/powershellsync/index.md). +This page is about [PowerShellSync](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/powershellsync/index.md). ![Package: Custom/PowerShellSync](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellsync/packages_powershellsync_v603.webp) @@ -57,7 +57,7 @@ prompt. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/racf/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/racf/index.md index feb8255fed..615ca52424 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/racf/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/racf/index.md @@ -9,7 +9,7 @@ sidebar_position: 210 This connector exports users and profiles from a [RACF](https://www.ibm.com/docs/en/zos-basic-skills?topic=zos-what-is-racf) file. -This page is about [ RACF ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/racf/index.md). +This page is about [RACF](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/racf/index.md). ![Package: MainFrame/RACF](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/racf/packages_racf_v603.webp) @@ -40,7 +40,7 @@ Be aware that Identity Manager supports only the RACF records represented by th ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -112,8 +112,8 @@ This connector does not reset passwords. ### Credential protection This connector has no credential attributes, and therefore does not use -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), nor a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md). +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), nor a +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md). Still, data protection can be ensured through an -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md index 6bbad8e944..a8c5b5e30d 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/robotframework/index.md @@ -9,7 +9,7 @@ sidebar_position: 220 This connector writes to an external system via a [Robot Framework](https://robotframework.org) script. -This page is about [Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/robot-framework/index.md) +**This page is about [Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/robot-framework/index.md)** ![Package: Custom/Robot Framework](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/packages_robot_v603.webp) diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/saperp6/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/saperp6/index.md index 238f80c046..da0927e818 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/saperp6/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/saperp6/index.md @@ -89,7 +89,7 @@ ABA.SAPSR3.USR11 to usercube grant select on ABA.SAPSR3.AGR_AGRS to usercube gra ABA.SAPSR3.USGRP to usercube grant select on ABA.SAPSR3.UST04 to usercube grant select on ABA.SAPSR3.AGR_TCODES to user grant select on ABA.SAPSR3.T002 to usercube Go -Set up the prerequisites for reading +**Set up the prerequisites for reading** To set up the prerequisites for reading follow the steps below. @@ -105,9 +105,12 @@ variables. **Step 3 –** Create environment variables: `HDBADOTNET=C:\hdbclient\ado.net` and `HDBADOTNETCORE=C:\hdbclient\dotnetcore`. -Set up the prerequisites for writing +**Set up the prerequisites for writing** + +:::note +Make sure the Read prerequisites are configured first. +::: -**NOTE:** Make sure the Read prerequisites are configured first. **Step 1 –** Copy the provided DLL `sapnwrfc.dl` into the Runtime of Identity Manager. @@ -134,7 +137,7 @@ from an SAP ERP instance, and writes the output to CSV files. This process is configured through a connection in the UI and/or the XML configuration, and in the **appsettings.agent.json** > **Connections** section. See the -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -153,7 +156,10 @@ appsettings.agent.json } ``` -_Remember,_ the identifier of the connection and thus the name of the subsection must: +:::tip +Remember, the identifier of the connection and thus the name of the subsection must: +::: + - Be unique - Not begin with a digit. @@ -287,7 +293,7 @@ Data protection can be ensured through: - A CyberArk Vault able to store Active Directory's Login, Password, and Server. See the -[ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +[RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), [Azure Key Vault](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), and [CyberArk's AAM Credential Providers ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sapnetweaver/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sapnetweaver/index.md index 7e872ec5ee..3dd5e902d2 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sapnetweaver/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sapnetweaver/index.md @@ -10,7 +10,7 @@ This connector exports and fulfills users and roles from/to an [SAP Netweaver](https://www.sap.com/france/products/technology-platform/hana/what-is-sap-hana.html) instance. -This page is about [ SAP S/4 HANA ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/saphana/index.md). +This page is about [SAP S/4 HANA](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/saphana/index.md). ![Package: ERP/SAP S/4 HANA](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/sapnetweaver/packages_sap_v603.webp) @@ -37,7 +37,7 @@ output to CSV files. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -170,9 +170,9 @@ in the corresponding Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | --------- | ------------------------------------------------ | @@ -180,7 +180,7 @@ Data protection can be ensured through: | Login | `Connections----Login` | | Password | `Connections----Password` | -- A [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- A [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Active Directory's `Login`, `Password` and `Server`. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/scim/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/scim/index.md index d5ac803f27..287b833dd3 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/scim/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/scim/index.md @@ -31,11 +31,14 @@ REST API with specific endpoints to get and set data in a web application for IG allows an identity provider to manage the web application's accounts. For more details about SCIM and RFC, see the [IETF document](https://tools.ietf.org/html/rfc7644). -**NOTE:** Similarly to the Salesforce REST-based API, SCIM for Salesforce enables reading and +:::note +Similarly to the Salesforce REST-based API, SCIM for Salesforce enables reading and writing attributes, but writes to a smaller subset. For example, the following properties are manageable by the Salesforce REST-based API but not SCIM: `PermissionSetGroup`, `PermissionSetLicense`, `UserPermissionsKnowledgeUser`, `UserPermissionsInteractionUser`, `UserPermissionsSupportUser`, `CallCenterId`, `SenderEmail`. +::: + See the [Salesforce's documentation](https://help.salesforce.com/s/articleView?id=sf.identity_scim_rest_api.htm&type=5) @@ -53,7 +56,7 @@ The implementation of the Salesforce connector requires the completion of the fo - Reset the user token - Configure the Salesforce connection -Connect the application +**Connect the application** To connect to the Salesforce application do the following: @@ -87,7 +90,7 @@ Scopes. **Step 8 –** Copy the Consumer Key and Consumer Secret in your Keypass. -Enable OAuth authentication +**Enable OAuth authentication** To enable the OAuth authentication do the following: @@ -102,7 +105,7 @@ To enable the OAuth authentication do the following: **Step 3 –** Go to **OAuth** and **OpenID Connect Settings** in the **Identity** drop-down menu, enable the option to **Allow OAuth Username-Password Flows**. -Reset the user token +**Reset the user token** To reset the user token do the following: @@ -120,7 +123,7 @@ To reset the user token do the following: **Step 4 –** An email containing the new token will be sent. -Configure the Salesforce connection +**Configure the Salesforce connection** To configure the Salesforce connection do the following: @@ -144,7 +147,7 @@ The configuration of the Salesforce connector is completed. This process is configured through a connection in the UI and/or the XML configuration, and in the **appsettings.agent.json** > **Connections** section. -See the [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for +See the [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -163,7 +166,10 @@ appsettings.agent.json } ``` -_Remember,_ the identifier of the connection and thus the name of the subsection must: +:::tip +Remember, the identifier of the connection and thus the name of the subsection must: +::: + - Be unique - Not begin with a digit @@ -231,7 +237,7 @@ This connector is meant to generate to the ExportOutput folder the following CSV See the [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) and -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) topics for additional information. For the connector to work properly, the connection tables must follow the naming conventions too: @@ -342,7 +348,7 @@ Data protection can be ensured through: - A CyberArk Vault able to store Active Directory's Login, Password, and Server. See the -[ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +[RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), [Azure Key Vault](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), and [CyberArk's AAM Credential Providers ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md index f44760795c..91d47f2bd9 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md @@ -9,7 +9,7 @@ sidebar_position: 260 This connector exports and fulfills any data, including users and roles, from/to a [ServiceNow CMDB](https://www.servicenow.com/products/servicenow-platform/configuration-management-database.html). -This page is about [ ServiceNow ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow/index.md). +This page is about [ServiceNow](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow/index.md). ![Package: ITSM/ServiceNow](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/packages_servicenow_v603.webp) @@ -21,7 +21,7 @@ management (ITOM) and IT business management (ITBM), allowing users to manage pr customer interactions via a variety of apps and plugins. This section focuses on ServiceNow Entity Management. To learn about how to use this connector to create tickets for other resources, see -[ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md). +[ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md). ## Prerequisites @@ -43,7 +43,7 @@ deleted items) can't be performed. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -134,9 +134,9 @@ This connector is meant to generate to the Output folder one CSV file for each table, named `_.csv`. Identity Manager lists the tables to retrieve based on -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)'s +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)'s and -[ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)'s +[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)'s connection tables. For the connector to work properly, the connection tables must follow the naming convention too: @@ -241,9 +241,9 @@ specified in the corresponding Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | ----------------- | ------------------------------------------------ | @@ -256,7 +256,7 @@ Data protection can be ensured through: | Filter | `Connections----Filter` | | ResponseSizeLimit | `Connections----ResponseSizeLimit` | -- A [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- A [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Active Directory's `Login`, `Password`, `Server`, `ClientId` and `ClientSecret`. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowticket/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowticket/index.md index 3efab7d53b..b9abedb4c7 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowticket/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowticket/index.md @@ -8,7 +8,7 @@ sidebar_position: 270 This connector opens tickets in [ServiceNow](https://www.servicenow.com/) for manual provisioning. -This page is about [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md). +This page is about [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md). ![Package: Ticket/ServiceNow](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowticket/packages_servicenowticket_v603.webp) @@ -20,7 +20,7 @@ management (ITOM) and IT business management (ITBM), allowing users to manage pr customer interactions via a variety of apps and plugins. This section focuses on ServiceNow ticket creation for the fulfillment of resources that can't or shouldn't be performed with an existing fulfill. To learn about how to manage entities, see -[ ServiceNow ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)Entity Management. +[ServiceNow](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)Entity Management. ## Prerequisites @@ -36,7 +36,7 @@ Implementing this connector requires: ## Export This connector exports some of ServiceNow entities, see the export capabilities of the -[ ServiceNow ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)connector. Some entities cannot be exported. +[ServiceNow](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)connector. Some entities cannot be exported. ## Fulfill @@ -50,7 +50,7 @@ resource accordingly. See the [Entitlement Assignment](/docs/identitymanager/6.2/integration-guide/role-assignment/assignments-of-entitlements/index.md) topic for additional information. -See the fulfill capabilities of the [ ServiceNow ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)connector. +See the fulfill capabilities of the [ServiceNow](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)connector. > For example: > @@ -84,9 +84,9 @@ the user's **password_needs_reset** attribute is set to `true`. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | ------------------------- | ------------------------------------------------------ | @@ -99,7 +99,7 @@ Data protection can be ensured through: | TicketCookieDirectoryPath | `Connections----TicketCookieDirectoryPath` | | ResponseSizeLimit | `Connections----ResponseSizeLimit` | -- A [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- A [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Active Directory's `Login`, `Password`, `Server`, `ClientId` and `ClientSecret`. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharedfolder/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharedfolder/index.md index 8c11c07c08..0fd3e39f80 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharedfolder/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharedfolder/index.md @@ -8,7 +8,7 @@ sidebar_position: 290 This connector exports users and permissions from Windows shared folders. -This page is about [ Shared Folders ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/shared-folders/index.md). +This page is about [Shared Folders](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/shared-folders/index.md). ![Package: Storage/Shared Folders](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharedfolder/packages_sharedfolders_v603.webp) @@ -35,7 +35,7 @@ This connector scans shared folders in order to export their content to CSV file ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -70,10 +70,10 @@ The identifier of the connection and thus the name of the subsection must: > "Connections": { > ... > "SharedFolderExport": { -> "InputDirectories": [ "OfficeNetwork/R&D_Projects", "OfficeNetwork/Management", "C:/" ], +> "InputDirectories": ["OfficeNetwork/R&D_Projects", "OfficeNetwork/Management", "C:/"], > "OnlyDirectoryScan": "true", > "LevelOfScan": "12", -> "ListOfSIDToAvoid": [ "S-1-3-2-4", "S-5-7-6-8" ], +> "ListOfSIDToAvoid": ["S-1-3-2-4", "S-5-7-6-8"], > "Login": "account@example.com", > "Password": "accountexamplepassword", > "Domain": "Example", @@ -137,9 +137,9 @@ This connector does not reset passwords. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | ----------------- | ------------------------------------------------ | @@ -152,7 +152,7 @@ Data protection can be ensured through: | Password | `Connections----Password` | | InputDirectories | `Connections----InputDirectories` | -- A [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- A [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Active Directory's `Login` and `Password`. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharepoint/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharepoint/index.md index d72b75f656..eab1c60153 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharepoint/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sharepoint/index.md @@ -252,7 +252,7 @@ Data protection can be ensured through: - A CyberArk Vault able to store SharePoint's `Login` and `Password`. See the -[ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +[RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), [Azure Key Vault](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), and [CyberArk's AAM Credential Providers ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sql/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sql/index.md index 183b6a6df8..1f82c46d3d 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sql/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sql/index.md @@ -11,13 +11,13 @@ This connector exports data from one of various This page is about: -- Database/[ Generic SQL ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-sql/index.md); -- Database/[ SQL Server ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server/index.md); -- Database/[ MySQL ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/mysql/index.md); -- Database/[ ODBC ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/odbc/index.md); -- Database[ Oracle Database ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-database/index.md); -- Database/[ PostgreSQL ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/postgresql/index.md); -- [ SAP ASE ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sapase/index.md). +- Database/[Generic SQL](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-sql/index.md); +- Database/[SQL Server](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server/index.md); +- Database/[MySQL](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/mysql/index.md); +- Database/[ODBC](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/odbc/index.md); +- Database[Oracle Database](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-database/index.md); +- Database/[PostgreSQL](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/postgresql/index.md); +- [SAP ASE](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sapase/index.md). ![Package: Directory/Database/Generic SQL](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/packages_sqlgeneric_v603.webp) @@ -66,7 +66,7 @@ This connector exports the content of any table from an SQL database and writes ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -113,8 +113,8 @@ The identifier of the connection and thus the name of the subsection must: | Timeout optional | **Type** Int32 **Description** Time period (in seconds) after which the request attempt is terminated and an error is generated. | | | | | --- | --- | -| SqlCommand optional | **Type** String **Description** SQL request to be executed. **Note:** when not specified and `SqlFile` neither, then all the[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) of this connector will be exported. | -| SqlFile optional | **Type** String **Description** Path of the file containing the SQL request to be executed. **Note:** ignored when `SqlCommand` is specified. **Note:** when not specified and `SqlFile` neither, then all the [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) of this connector will be exported. | +| SqlCommand optional | **Type** String **Description** SQL request to be executed. **Note:** when not specified and `SqlFile` neither, then all the[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) of this connector will be exported. | +| SqlFile optional | **Type** String **Description** Path of the file containing the SQL request to be executed. **Note:** ignored when `SqlCommand` is specified. **Note:** when not specified and `SqlFile` neither, then all the [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) of this connector will be exported. | | CsvEncoding default value: UTF-8 | **Type** String **Description** Encoding of the file. [See the list of available encodings](https://learn.microsoft.com/en-us/dotnet/api/system.text.encoding#see-the-list-of-available-encodings). | | ProviderClassFullName optional | **Type** String **Description** Invariant name to register the provider. **Note:** required when querying a DBMS other than Microsoft SQL Server. | | ProviderDllName optional | **Type** String **Description** DLL, i.e. name and extension, to be loaded by the connector. **Note:** the DLL must be in the `Runtime` folder. **Note:** required when querying a DBMS other than Microsoft SQL Server. | @@ -133,7 +133,7 @@ Connect to a DBMS other than Microsoft SQL Server by proceeding as follows: 3. Get the value required for `ProviderClassFullName` and `ProviderDllName`: - for a DBMS handled by Identity Manager's packages, by accessing the - [ References: Packages ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/index.md); + [References: Packages](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/index.md); > For MySQL: > @@ -210,9 +210,9 @@ This connector does not reset passwords. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | --------------------- | -------------------------------------------------- | @@ -224,5 +224,5 @@ Data protection can be ensured through: | ProviderDllName | `Connections----ProviderDllName` | | Timeout | `Connections----Timeout` | -[](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +[](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) is not available for this connector. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md index 344520a51f..c956b9c593 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md @@ -10,7 +10,7 @@ This connector exports entitlements from [Microsoft SQL Server](https://www.microsoft.com/en-us/sql-server/). This page is about -[ SQL Server Entitlements ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server-entitlements/index.md). +[SQL Server Entitlements](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server-entitlements/index.md). ![Package: Database/Microsoft SQL Server Entitlements](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/sqlserverentitlements/packages_sqlservermanagement_v603.webp) @@ -84,7 +84,7 @@ This connector exports only in complete mode. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -117,7 +117,7 @@ The identifier of the connection and thus the name of the subsection must: > ... > "SqlServerEntitlementsExport": { > "ConnectionString": "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;", -> "Databases": [ "UsercubeDemo", "AdventureWorks2017" ] +> "Databases": ["UsercubeDemo", "AdventureWorks2017"] > } > } > } @@ -163,14 +163,14 @@ This connector does not reset passwords. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | ---------------- | ------------------------------------------------ | | ConnectionString | `Connections----ConnectionString` | | Timeout | `Connections----Timeout` | -[](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +[](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) is not available for this connector. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/topsecret/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/topsecret/index.md index ba6f335cd7..80446195c0 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/topsecret/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/topsecret/index.md @@ -9,7 +9,7 @@ sidebar_position: 320 This connector exports users and profiles from a [Top Secret](https://www.ibm.com/docs/en/szs/2.2?topic=audit-top-secret) (TSS) instance. -This page is about [ TSS ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/tss/index.md). +This page is about [TSS](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/tss/index.md). ![Package: Mainframe/Top Secret](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/topsecret/packages_tss_v603.webp) diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/workday/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/workday/index.md index a15c67cdbc..0ebf7a1faa 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/workday/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/workday/index.md @@ -9,7 +9,7 @@ sidebar_position: 330 This connector exports users and groups from a [Workday](https://www.workday.com/en-us/products/talent-management/overview.html) instance. -This page is about [ Workday ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/workday/index.md). +This page is about [Workday](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/workday/index.md). ![Package: ERP/Workday](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/workday/packages_workday_v603.webp) @@ -37,7 +37,7 @@ This connector exports any entity available in WWS. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -98,14 +98,13 @@ to be exported. > ``` > bodies.json > { -> "Requests": [ -> { +> "Requests": [> { > "XmlBody": " ", > "EntityName": "workers", > "IncrementalTag": "Transaction_Log_Criteria_Data", > "WebService": "Human_Resources/v34.2" > } -> ] +>] > } > ``` @@ -127,15 +126,15 @@ Output folder: columns: - **Command**: used for - [ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md); + [Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md); - one column for each XPath found in the - [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)' + [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)' connection columns and - [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)' + [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)' columns. [See Workday's documentation to compute XPaths](https://community.workday.com/sites/default/files/file-hosting/productionapi/Human_Resources/v34.2/samples/Get_Workers_Response.xml).``` `\_.csv` - Command,Key_XPath_1,Key_XPath_2,...,Key_XPath_N Add,value1,value2,...,valueN +**Command,Key_XPath_1,Key_XPath_2,...,Key_XPath_N Add,value1,value2,...,valueN** ``` @@ -173,9 +172,9 @@ Output folder: Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | ------------- | ------------------------------------------------ | @@ -185,7 +184,7 @@ Data protection can be ensured through: | Server | `Connections----Server` | - A - [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) + [](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Workday's `Login`, `Password` and `Server`. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-sql/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-sql/index.md index df2b8da6fe..49bd694c2f 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-sql/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-sql/index.md @@ -19,5 +19,5 @@ Exports data from a SQL database. When creating a connection to a database which is not handled by Identity Manager's packages, you'll need to fill in the `ProviderDllName` and `ProviderClassFullName` properties of the -[ Sql ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sql/index.md) connector using the procedure given in the +[Sql](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/sql/index.md) connector using the procedure given in the example. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-packages/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-packages/index.md index 911bd54c3f..428b748330 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-packages/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-packages/index.md @@ -13,183 +13,183 @@ If you are looking for the dll of a given package, be aware that you can often f 2. Copy the dll file (corresponding to the appropriate .Net version) to the `Runtime` folder. -- [ Active Directory ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/active-directory/index.md) +- [Active Directory](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/active-directory/index.md) Manages users and groups in Active Directory. This package supports incremental synchronization with the DirSync mechanism. -- [ Apache Directory ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/apache-directory/index.md) +- [Apache Directory](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/apache-directory/index.md) Manages users and groups in Apache Directory. -- [ Azure ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/azure/index.md) +- [Azure](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/azure/index.md) Exports Azure resources, role definitions and role assignments. -- [ CSV ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/csv/index.md) +- [CSV](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/csv/index.md) Exports CSV to prepare synchronization. -- [ CyberArk ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/cyberark/index.md) +- [CyberArk](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/cyberark/index.md) Manages CyberArk entities, including user and group assignments. -- [ EasyVista ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/easyvista/index.md) +- [EasyVista](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/easyvista/index.md) Manages users inside an EasyVista instance. This package supports incremental synchronization. -- [ EasyVista Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/easyvistaticket/index.md) +- [EasyVista Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/easyvistaticket/index.md) Creates tickets inside an EasyVista instance. This package supports incremental synchronization. -- [ Excel ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/excel/index.md) +- [Excel](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/excel/index.md) Exports Excel data sheets. -- [ Generic LDAP ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-ldap/index.md) +- [Generic LDAP](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-ldap/index.md) Manages entries in an LDAP compliant directory. -- [ Generic SCIM ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-scim/index.md) +- [Generic SCIM](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-scim/index.md) Manages entities in SCIM compatible application. -- [ Generic SQL ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-sql/index.md) +- [Generic SQL](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/generic-sql/index.md) Exports data from a SQL database. -- [ Google Workspace ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/googleworkspace/index.md) +- [Google Workspace](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/googleworkspace/index.md) Manages Google Workspace entities. -- [ Home Folders ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/home-folders/index.md) +- [Home Folders](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/home-folders/index.md) Manages Home Folders. -- [ JSON ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/json/index.md) +- [JSON](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/json/index.md) Generate JSON files for each provisioning order. These JSON can then be used by custom scripts. -- [ LDIF ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/ldif/index.md) +- [LDIF](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/ldif/index.md) Exports entries from a LDIF file. -- [ Manual Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket/index.md) +- [Manual Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket/index.md) Opens manual provisioning tickets in Identity Manager. -- [ Manual Ticket and CUD Resources ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket-and-cud-resources/index.md) +- [Manual Ticket and CUD Resources](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket-and-cud-resources/index.md) Opens manual provisioning tickets in Identity Manager. -- [ Microsoft Entra ID ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/azure-active-directory/index.md) +- [Microsoft Entra ID](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/azure-active-directory/index.md) Manages users and groups in Microsoft Entra ID (formerly Microsoft Azure AD). This package supports incremental synchronization with the delta API. -- [ Microsoft Exchange ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/microsoft-exchange/index.md) +- [Microsoft Exchange](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/microsoft-exchange/index.md) Manages Microsoft Exchange mailboxes. This package supports incremental synchronization. -- [ MySQL ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/mysql/index.md) +- [MySQL](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/mysql/index.md) Export data from a MySQL database. -- [ OData ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/odata/index.md) +- [OData](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/odata/index.md) Manages OData entities. -- [ ODBC ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/odbc/index.md) +- [ODBC](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/odbc/index.md) Exports data from a generic ODBC compatible database. -- [ Open LDAP ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/open-ldap/index.md) +- [Open LDAP](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/open-ldap/index.md) Manages entries in Open LDAP. This package supports incremental synchronization with the sysrepl mechanism. -- [ Oracle Database ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-database/index.md) +- [Oracle Database](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-database/index.md) Export data from an Oracle database. -- [ Oracle LDAP ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-ldap/index.md) +- [Oracle LDAP](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-ldap/index.md) Manages entries in Oracle Internet Directory. -- [ PostgreSQL ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/postgresql/index.md) +- [PostgreSQL](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/postgresql/index.md) Export data from a PostgreSQL database. -- [ PowerShellProv ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/powershellprov/index.md) +- [PowerShellProv](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/powershellprov/index.md) Fulfills an external system with a custom PowerShell script. -- [ PowerShellSync ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/powershellsync/index.md) +- [PowerShellSync](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/powershellsync/index.md) Create a CSV export from a Powershell Script. -- [ RACF ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/racf/index.md) +- [RACF](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/racf/index.md) Exports the RACF users and profiles. -- [ Red Hat Directory Server ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/red-hat-directory-server/index.md) +- [Red Hat Directory Server](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/red-hat-directory-server/index.md) Manages entries in a Red Hat Directory Server. -- [ Robot Framework ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/robot-framework/index.md) +- [Robot Framework](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/robot-framework/index.md) Fulfills an external system using a Robot Framework script. -- [ Salesforce ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/salesforce/index.md) +- [Salesforce](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/salesforce/index.md) Manages Salesforce entities. -- [ SAP ASE ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sapase/index.md) +- [SAP ASE](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sapase/index.md) Exports data from a SAP ASE database. -- [ SAP ERP 6.0 ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/saperp6/index.md) +- [SAP ERP 6.0](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/saperp6/index.md) Manages users and roles in SAP ERP 6.0. -- [ SAP S/4 HANA ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/saphana/index.md) +- [SAP S/4 HANA](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/saphana/index.md) Manages users and roles in SAP S/4 HANA. -- [ ServiceNow ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow/index.md) +- [ServiceNow](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow/index.md) Manages any data in the CMDB, including users and roles. This package supports incremental synchronization. -- [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) +- [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) Opens tickets in ServiceNow for the manual provisioning. -- [ Shared Folders ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/shared-folders/index.md) +- [Shared Folders](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/shared-folders/index.md) Manages users and permissions in Shared Folders. -- [ SharePoint ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sharepoint/index.md) +- [SharePoint](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sharepoint/index.md) Exports sites, folders, SharePoint groups and permissions. -- [ Slack ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/slack/index.md) +- [Slack](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/slack/index.md) Manages Slack entities. -- [ SQL Server ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server/index.md) +- [SQL Server](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server/index.md) Export data from a SQL Server database. -- [ SQL Server Entitlements ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server-entitlements/index.md) +- [SQL Server Entitlements](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server-entitlements/index.md) Exports SQL Server Entitlements. -- [ TSS ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/tss/index.md) +- [TSS](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/tss/index.md) Exports the Top Secret users and profiles. -- [ Unplugged ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/unplugged/index.md) +- [Unplugged](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/unplugged/index.md) Manages an unplugged system with a completely custom data model. @@ -198,10 +198,10 @@ If you are looking for the dll of a given package, be aware that you can often f Updates the Identity Manager database for each provisioning order. This package is used for HR systems, authoritative systems or other Identity Manager instances. -- [ Workday ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/workday/index.md) +- [Workday](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/workday/index.md) Manages users and groups in Workday. -- [ Workflow ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/workflow/index.md) +- [Workflow](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/workflow/index.md) Triggers workflows in Identity Manager for each provisioning order. diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-database/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-database/index.md index 4e3276c86b..f12348db3e 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-database/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-packages/oracle-database/index.md @@ -25,4 +25,7 @@ To use this package, `Oracle.ManagedDataAccess.Core` needs to be [downloaded from the Oracle website](https://www.oracle.com/database/technologies/net-downloads.html) (selecting the `ODP.NET` release) and copied to the `Runtime` folder. -**NOTE:** The DLL in the "Oracle.ManagedDataAccess" package isn't compatible with .NET 8 +:::note +The DLL in the "Oracle.ManagedDataAccess" package isn't compatible with .NET 8 + +::: diff --git a/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server-entitlements/index.md b/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server-entitlements/index.md index fc3cd5938f..363d6443da 100644 --- a/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server-entitlements/index.md +++ b/docs/identitymanager/6.2/integration-guide/connectors/references-packages/sql-server-entitlements/index.md @@ -6,7 +6,7 @@ sidebar_position: 360 # SQL Server Entitlements -Exports SQL Server Entitlements +**Exports SQL Server Entitlements** | Package Characteristics | Value | | ----------------------- | ------------------------------------------ | diff --git a/docs/identitymanager/6.2/integration-guide/entity-model/index.md b/docs/identitymanager/6.2/integration-guide/entity-model/index.md index 9246c957e3..84bc3697e9 100644 --- a/docs/identitymanager/6.2/integration-guide/entity-model/index.md +++ b/docs/identitymanager/6.2/integration-guide/entity-model/index.md @@ -35,29 +35,29 @@ The **metadata** of a resource is the description of the resources' shape. Using _Entity-Relationship_ vocabulary, it's a list of property names and types for a resource. The metadata is written using -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md), -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and -[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md), +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and +[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). #### Entity types Every resource is assigned an -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that describes its shape. +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that describes its shape. It's a description of the resource: it can be a managed system's resource or a real world entity such as an identity or a department. -An [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) includes: +An [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) includes: -- One or more [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +- One or more [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) - Zero or more - [ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) + [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) #### Entity properties Properties are key-value pairs, with a name and type that describes the nature of the value held by the property. They are described by -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties. +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties. There are two kind of properties: **Scalar Properties** and **Navigation Properties**. @@ -87,7 +87,7 @@ of the link. #### Entity association -An [ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +An [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) describes a link between entity types. It connects a pair of navigation properties, from two **Entity Types**. @@ -102,7 +102,7 @@ Given a navigation property A of EntityType 1, linking EntityType 1 to navigatio EntityType 2, then navigation property B is called the reverse property of navigation property A and navigation property A is called the reverse property of navigation property B. -For example, +**For example,** - The _User_ entity type has the navigational property _Positions_ (a link to **zero or more\_**Position\_ entities); @@ -128,7 +128,7 @@ named \_`InternalDisplayName___L{Index}`_ where \_Index_ reference the #### Computed property A property can be calculated from other properties. The -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression element allows the expression of a computed property. It references the property (specifying the entity type's identifier and the property's identifier) and expresses the calculation based on a given entity using the calculation [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) syntax. @@ -145,7 +145,7 @@ explicitly declared in the applicative configuration. It represents a user-friendly name for **EntityType** that is used in the UI if needed. Its value can be explicitly computed by an -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression. +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression. Otherwise, a default value is automatically computed by Identity Manager using the first property of the **EntityType** where `identifier` contains the string _"name"_. If no such property is found, the first declared property of the **EntityType** is used instead. @@ -172,32 +172,32 @@ Binary property values (such as pictures or files) are stored in the UR_Resource ### Mapping Identity Manager's Entity Model also contains **a mapping** between the external data and -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties or -[](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md)[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties or +[](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md)[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). That's why entity types are organized into **connectors**. The **mapping\_**connects\_ entity types to external sources of truth. This information is provided by the -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), their -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and -[ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), their +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and +[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). To build Identity Manager resources from external data found in the managed system, the entity model provides a mapping between the external data (often in the form of CSV files, see -[ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md)) and entity +[Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md)) and entity properties. This information is provided by the -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), their -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)and -[ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), their +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)and +[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). Every -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)maps a -CSV column to a scalar [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)maps a +CSV column to a scalar [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). Every -[ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) maps a CSV column to a navigation -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). #### Format @@ -217,9 +217,9 @@ something readable by the external system. ![Export and Fulfill Data transformation](/img/product_docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/entitypropertymapping-format-flowchart.webp) The format used in the external system can be provided through the -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) using +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) using the -[ References: Format for the EntityPropertyMapping ](/docs/identitymanager/6.2/integration-guide/connectors/entitypropertymapping-format/index.md) +[References: Format for the EntityPropertyMapping](/docs/identitymanager/6.2/integration-guide/connectors/entitypropertymapping-format/index.md) attribute to help Identity Manager to convert data appropriately. If the field in the external system is not forced to a specific value type, but is free-form @@ -230,7 +230,7 @@ external system. #### Primary key When writing an -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), one of +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), one of the _scalar properties_ should be chosen as primary key. This property will be used by Identity Manager to [uniquely identify a resource](https://en.wikipedia.org/wiki/Primary_key). It is hence crucial to choose carefully as many of Identity Manager's processes and optimizations depend on this @@ -245,7 +245,7 @@ the database. The views are useful to understand how Identity Manager works or configuration. SQL Views are built by the -[ Create Database Views Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md). +[Create Database Views Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md). SQL Views created by this tool are identified in the database by a `zz_` prefix. diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/anonymize/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/anonymize/index.md index ac6c1400ee..dae1ebec04 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/anonymize/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/anonymize/index.md @@ -76,7 +76,7 @@ The following command outputs the anonymized data in STDOUT. ``` -./identitymanager-Anonymize.exe -n C:/Projects/identitymanager/Documentation/exampleSources/Anonymizer/users.csv -s "," --columns first_name,last_name,mail:email,number:phone +**./identitymanager-Anonymize.exe -n C:/Projects/identitymanager/Documentation/exampleSources/Anonymizer/users.csv -s "," --columns first_name,last_name,mail:email,number:phone** ``` diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/compute-correlationkeys/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/compute-correlationkeys/index.md index ab5015ffcd..c266ff4853 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/compute-correlationkeys/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/compute-correlationkeys/index.md @@ -15,7 +15,7 @@ string, for all entity types. ``` -./identitymanager-Compute-CorrelationKeys.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a +**./identitymanager-Compute-CorrelationKeys.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a** ``` diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/configuration-transform/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/configuration-transform/index.md index 9babdaa02c..052b31bde3 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/configuration-transform/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/configuration-transform/index.md @@ -21,11 +21,11 @@ The resulting files are saved in `C:/identitymanagerDemo/ConfTransformed`. ``` -./identitymanager-Configuration-Transform.exe --input "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/ConfTransformed" --transformation-file "C:/identitymanagerDemo/transformations.json" +**./identitymanager-Configuration-Transform.exe --input "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/ConfTransformed" --transformation-file "C:/identitymanagerDemo/transformations.json"** ``` -transformations.json +**transformations.json** ```json { diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/create-databaseviews/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/create-databaseviews/index.md index 78ad0df81b..a64f2db500 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/create-databaseviews/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/create-databaseviews/index.md @@ -31,8 +31,8 @@ Identity Manager's database. | --progress-use-api optional | **Type** String **Description** Update progress with the API. | | | | | --- | --- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/decrypt-file/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/decrypt-file/index.md index 49f51a9e0f..509f88e3c4 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/decrypt-file/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/decrypt-file/index.md @@ -19,7 +19,7 @@ using the agent side certificate defined in the agent's `appsettings.json`. ``` -$decryptFile = & ./identitymanager-Decrypt-File.exe --files $ordersFile +**$decryptFile = & ./identitymanager-Decrypt-File.exe --files $ordersFile** ``` diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/deploy-configuration/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/deploy-configuration/index.md index 7185a810ee..15eee8ccc6 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/deploy-configuration/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/deploy-configuration/index.md @@ -11,7 +11,7 @@ items to insert, update or delete in the application. ## Examples -Locally +**Locally** The following example deploys an on-premise configuration via a direct connection to the database through its connection string: @@ -23,7 +23,7 @@ script in the command line. ./identitymanager-Deploy-Configuration.exe -d "C:/identitymanager/Conf" --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" ``` -Remotely +**Remotely** The following example deploys a SaaS configuration via an HTTP POST request to the server of the remote configuration: @@ -35,10 +35,13 @@ script in the command line. ./identitymanager-Deploy-Configuration.exe -d "C:/identitymanager/Conf" --api-url https://my_usercube_instance.com ``` -**_RECOMMENDED:_** To be able to deploy a SaaS configuration, you must first provide your Identity +:::info +To be able to deploy a SaaS configuration, you must first provide your Identity Manager administrator with identity information. See the -[ Deploy the Configuration ](/docs/identitymanager/6.2/integration-guide/toolkit/deploy-configuration/index.md) topic for +[Deploy the Configuration](/docs/identitymanager/6.2/integration-guide/toolkit/deploy-configuration/index.md) topic for additional information. +::: + ## Arguments diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md index cd543e61e3..82ff72dbc6 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md @@ -46,8 +46,8 @@ set the fulfillment state of the corresponding assigned resource types. | Argument Name | Details | | ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an[ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an[OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md index b9d1f729db..8d2993d571 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md @@ -76,13 +76,13 @@ remote configuration: ``` -./identitymanager-Export-Configuration.exe -d "C:/identitymanager/ExportedConf" --api-url https://my_usercube_instance.com +**./identitymanager-Export-Configuration.exe -d "C:/identitymanager/ExportedConf" --api-url https://my_usercube_instance.com** ``` To be able to export a SaaS configuration, you must first provide your Identity Manager administrator with identity information. See the -[ Export the Configuration ](/docs/identitymanager/6.2/integration-guide/toolkit/export-configuration/index.md) topic for +[Export the Configuration](/docs/identitymanager/6.2/integration-guide/toolkit/export-configuration/index.md) topic for additional information. ### Basic export for a change of environment diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-easyvista/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-easyvista/index.md index dce1bd521f..3814792811 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-easyvista/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-easyvista/index.md @@ -34,8 +34,8 @@ But the identifiers can be also given instead of the id: | Argument Name | Details | | ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-scim/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-scim/index.md index 7227266caa..8b002b581f 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-scim/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-scim/index.md @@ -34,8 +34,8 @@ But the identifiers can be also given instead of the id: | Argument Name | Details | | -------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-toeasyvistaticket/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-toeasyvistaticket/index.md index a5322cb3d4..28261656c1 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-toeasyvistaticket/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-toeasyvistaticket/index.md @@ -34,8 +34,8 @@ But the identifiers can be also given instead of the id: | Argument Name | Details | | ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/generate-configuration/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/generate-configuration/index.md index 7e8807da4b..a29c3bb194 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/generate-configuration/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/generate-configuration/index.md @@ -31,7 +31,7 @@ From a list of CSV files, generates the configuration of the entities representi complex connector requires as an argument an xml file containing all the CSV files to be processed as well as the primary keys of these files. -Example of xml file +**Example of xml file** ``` @@ -54,7 +54,7 @@ Example of xml file ``` -./identitymanager-Generate-Configuration.exe simpleconnector -g "C:/GeneratedFile/file" -f "C:/SourceFile/confFile.csv" +**./identitymanager-Generate-Configuration.exe simpleconnector -g "C:/GeneratedFile/file" -f "C:/SourceFile/confFile.csv"** ``` @@ -62,7 +62,7 @@ Example of xml file ``` -./identitymanager-Generate-Configuration.exe complexconnector -g "C:/GeneratedFile/file" "C:/SourceFile/confFile.xml" +**./identitymanager-Generate-Configuration.exe complexconnector -g "C:/GeneratedFile/file" "C:/SourceFile/confFile.xml"** ``` diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/index.md index 97a9ee900d..4752ba0764 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/index.md @@ -14,23 +14,23 @@ sidebar_position: 10 Transforms strings to anonymize given data. -- [ Usercube-Compute-CorrelationKeys ](/docs/identitymanager/6.2/integration-guide/executables/references/compute-correlationkeys/index.md) +- [Usercube-Compute-CorrelationKeys](/docs/identitymanager/6.2/integration-guide/executables/references/compute-correlationkeys/index.md) Computes the values of all correlation keys. -- [ Usercube-Configuration-Transform ](/docs/identitymanager/6.2/integration-guide/executables/references/configuration-transform/index.md) +- [Usercube-Configuration-Transform](/docs/identitymanager/6.2/integration-guide/executables/references/configuration-transform/index.md) Applies a series of transformation. -- [ Usercube-Create-DatabaseViews ](/docs/identitymanager/6.2/integration-guide/executables/references/create-databaseviews/index.md) +- [Usercube-Create-DatabaseViews](/docs/identitymanager/6.2/integration-guide/executables/references/create-databaseviews/index.md) Generates entity model SQL views in the Identity Manager database. -- [ Usercube-CSV-Transform ](/docs/identitymanager/6.2/integration-guide/executables/references/csv-transform/index.md) +- [Usercube-CSV-Transform](/docs/identitymanager/6.2/integration-guide/executables/references/csv-transform/index.md) Modifies a CSV file by performing operations on its headers and/or columns. -- [ Usercube-Decrypt-File ](/docs/identitymanager/6.2/integration-guide/executables/references/decrypt-file/index.md) +- [Usercube-Decrypt-File](/docs/identitymanager/6.2/integration-guide/executables/references/decrypt-file/index.md) Decrypts an input file to save it into an output file or an OutPutConsole that can be used in Powershell scripts or programs. @@ -40,11 +40,11 @@ sidebar_position: 10 Retrieves all XML configuration files from a given folder, in order to calculate the configuration items to insert, update or delete in the application. -- [ Usercube-EasyVistaTicket-UpdateFulfillmentState ](/docs/identitymanager/6.2/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md) +- [Usercube-EasyVistaTicket-UpdateFulfillmentState](/docs/identitymanager/6.2/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md) Updates the assigned resource types according to EasyVista tickets state. -- [ Usercube-Encrypt-File ](/docs/identitymanager/6.2/integration-guide/executables/references/encrypt-file/index.md) +- [Usercube-Encrypt-File](/docs/identitymanager/6.2/integration-guide/executables/references/encrypt-file/index.md) Encrypts an input file or the InputConsole of a Powershell program or file to save it as an encrypted output file. @@ -53,7 +53,7 @@ sidebar_position: 10 Exports the database to a bacpac file. -- [ Usercube-Export-Configuration ](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) +- [Usercube-Export-Configuration](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) Generates in a folder the files of the configuration found in the database. @@ -61,7 +61,7 @@ sidebar_position: 10 Exports CSV files. -- [ Usercube-Export-EasyVista ](/docs/identitymanager/6.2/integration-guide/executables/references/export-easyvista/index.md) +- [Usercube-Export-EasyVista](/docs/identitymanager/6.2/integration-guide/executables/references/export-easyvista/index.md) Exports CSV files. @@ -77,7 +77,7 @@ sidebar_position: 10 Fills the `BankingSystem` database for the Banking demo application. -- [ Usercube-Fulfill-EasyVista ](/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-easyvista/index.md) +- [Usercube-Fulfill-EasyVista](/docs/identitymanager/6.2/integration-guide/executables/references/fulfill-easyvista/index.md) Creates, updates and archives employees in an EasyVista instance. @@ -93,23 +93,23 @@ sidebar_position: 10 Generates from a CSV file the configuration of a connector with these entities. -- [ Usercube-Get-JobSteps ](/docs/identitymanager/6.2/integration-guide/executables/references/get-jobsteps/index.md) +- [Usercube-Get-JobSteps](/docs/identitymanager/6.2/integration-guide/executables/references/get-jobsteps/index.md) Returns the list of all tasks present in a given job. -- [ Usercube-Invoke-Job ](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) +- [Usercube-Invoke-Job](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md) Launches a job on the agent side. -- [ Usercube-Invoke-ServerJob ](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-serverjob/index.md) +- [Usercube-Invoke-ServerJob](/docs/identitymanager/6.2/integration-guide/executables/references/invoke-serverjob/index.md) Launches jobs on the server side. -- [ Usercube-Login ](/docs/identitymanager/6.2/integration-guide/executables/references/login/index.md) +- [Usercube-Login](/docs/identitymanager/6.2/integration-guide/executables/references/login/index.md) Provides an authentication token needed for SaaS configuration deployment/export. -- [ Usercube-Manage-Configuration Dependent Indexes ](/docs/identitymanager/6.2/integration-guide/executables/references/manage-configurationdependantindexes/index.md) +- [Usercube-Manage-Configuration Dependent Indexes](/docs/identitymanager/6.2/integration-guide/executables/references/manage-configurationdependantindexes/index.md) Creates the necessary indexes based on the latest deployed configuration to optimize performances. @@ -119,32 +119,32 @@ sidebar_position: 10 Manages the data history stored in the database. It can purge old data or consolidate the history. -- [ Usercube-New-OpenIDSecret ](/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md) +- [Usercube-New-OpenIDSecret](/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md) Allows to generate the hashed password of the secret to connect to the given client for agent side job Identity Manager. -- [ Usercube-PasswordGenerator ](/docs/identitymanager/6.2/integration-guide/executables/references/passwordgenerator/index.md) +- [Usercube-PasswordGenerator](/docs/identitymanager/6.2/integration-guide/executables/references/passwordgenerator/index.md) Generates a password. -- [ Usercube-Prepare-Synchronization ](/docs/identitymanager/6.2/integration-guide/executables/references/prepare-synchronization/index.md) +- [Usercube-Prepare-Synchronization](/docs/identitymanager/6.2/integration-guide/executables/references/prepare-synchronization/index.md) Cleanses exported CSV files. -- [ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) +- [Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) Encrypts a .pfx archive password using a Identity Manager provided RSA key. -- [ Usercube-Protect-X509JsonFile ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md) +- [Usercube-Protect-X509JsonFile](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md) Encrypts sensitive data from a given JSON file. -- [ Usercube-Protect-X509JsonValue ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md) +- [Usercube-Protect-X509JsonValue](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md) Encrypts the values of sensitive data. -- [ Usercube-RefreshSchema ](/docs/identitymanager/6.2/integration-guide/executables/references/refreshschema/index.md) +- [Usercube-RefreshSchema](/docs/identitymanager/6.2/integration-guide/executables/references/refreshschema/index.md) Refreshes the schema of a given connection. Takes as input a connection, and refreshes its schema. The result of the update is stored into the database. diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md index 61588762bc..eddd9b7332 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/invoke-job/index.md @@ -18,12 +18,12 @@ When a job is launched, the state machine starts by computing all the tasks that the job. Each task is assigned a launch order which can be configured in -[ Job ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) steps. All the job's tasks are grouped +[Job](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) steps. All the job's tasks are grouped together according to their launch order, and they are launched by group. Such task grouping allows the job to be faster executed. The launch orders of all the tasks of a job can be listed by using the -[ Usercube-Get-JobSteps ](/docs/identitymanager/6.2/integration-guide/executables/references/get-jobsteps/index.md) executable. +[Usercube-Get-JobSteps](/docs/identitymanager/6.2/integration-guide/executables/references/get-jobsteps/index.md) executable. Before any task is launched, the state machine checks the task's parent tasks in order to verify whether the task must be launched or not. @@ -53,7 +53,7 @@ Then the task is launched, and then: In the case where the job is blocked and restarted: - if the blocked task is a - [ Synchronize Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md), + [Synchronize Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md), then the state machine runs a synchronization validation on the related connector, and uses the id of the blocked task instance to synchronize the related tables; - if the blocked task is a @@ -94,6 +94,6 @@ launch group. | --task-string-contains (-s) optional | **Type** String **Description** Launches all tasks with an identifier containing the given value. | | | | | --- | --- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/invoke-serverjob/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/invoke-serverjob/index.md index f8d45545bf..e3d8f1ae8c 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/invoke-serverjob/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/invoke-serverjob/index.md @@ -12,13 +12,13 @@ To launch the job in the Server side only you need to run the executable Usercube-Invoke-ServerJob.exe. To know the task launch orders in job use the following exe: Usercube-Get-Job Steps .exe. See the -[ Usercube-Get-JobSteps ](/docs/identitymanager/6.2/integration-guide/executables/references/get-jobsteps/index.md) topic for additional information. +[Usercube-Get-JobSteps](/docs/identitymanager/6.2/integration-guide/executables/references/get-jobsteps/index.md) topic for additional information. ## Examples ``` -.\Usercube-Invoke-ServerJob.exe -g "CleanDatabase" -s secret +**.\Usercube-Invoke-ServerJob.exe -g "CleanDatabase" -s secret** ``` diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/login/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/login/index.md index e94876e771..6a8e88f94a 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/login/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/login/index.md @@ -20,7 +20,7 @@ Identity Manager's IDP that will provide you with the authentication token. ``` -./identitymanager-Login.exe +**./identitymanager-Login.exe** ``` @@ -31,7 +31,7 @@ redirected to the IDP that will provide you with the authentication token. ``` -./identitymanager-Login.exe --authority https://my_oidc_authentication_server.com --client-id 34b3c-fb45da-3ed32 +**./identitymanager-Login.exe --authority https://my_oidc_authentication_server.com --client-id 34b3c-fb45da-3ed32** ``` @@ -41,7 +41,7 @@ be redirected to Identity Manager's IDP. that will provide you with the authenti ``` -./identitymanager-Login.exe --port 5050 +**./identitymanager-Login.exe --port 5050** ``` diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/manage-history/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/manage-history/index.md index 85075e66ab..522f637562 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/manage-history/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/manage-history/index.md @@ -17,7 +17,7 @@ which are the tables actually purged: `ur_resources`; `ur_resourcelinks`; ## Examples -Purge before a period +**Purge before a period** To clean the database periodically, it can be purged of all the history older than a given period of time. @@ -31,7 +31,7 @@ script in the command line. ./identitymanager-Manage-History.exe --purge-before-months 12 --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" ``` -Purge before a date +**Purge before a date** The database can be purged of all history older than a given date. @@ -44,7 +44,7 @@ script in the command line. ./identitymanager-Manage-History.exe --purge-before-date 19930526 --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" ``` -Optimize +**Optimize** The database's history can be optimized by removing intermediate versions based on their age, for example keeping only one version the last week, one per month the last 6 months and then one per @@ -78,7 +78,7 @@ you can specify a short duration that allows a single change, for example only o following example copies the previous one, in addition we want to keep all changes of the last 6 hours (360 minutes): `--optimize 1:360 1440:7 43920:6 525960:2`. -Clean duplicates +**Clean duplicates** As given data can have several versions in the database, redundant rows can be deleted and replaced with one row that covers the consolidated time range. @@ -90,7 +90,7 @@ script in the command line. ``` -./identitymanager-Manage-History.exe --clean-duplicates --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" +**./identitymanager-Manage-History.exe --clean-duplicates --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;"** ``` @@ -105,7 +105,7 @@ script in the command line. ``` -Solicit memory rather than the database +**Solicit memory rather than the database** To reduce the database load, the tool's optimizations can be made via the local device's memory. diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md index 66a56f05b6..8b9b6500ab 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md @@ -20,9 +20,7 @@ Usercube-New-OpenIDSecret.exe'. ```` -The output shows the client secret and its hashed version. It must be entered in the [ -OpenIdClient -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) configuration. +The output shows the client secret and its hashed version. It must be entered in the [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) configuration. ## Arguments diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/prepare-synchronization/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/prepare-synchronization/index.md index caaa2ec2d3..554d4e8412 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/prepare-synchronization/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/prepare-synchronization/index.md @@ -22,9 +22,9 @@ topic for additional information. The following actions are performed on the _CSV source files_: 1. Remove columns that are not used in - [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) + [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or - [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). + [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). 2. Remove entries that have a null primary key. 3. Remove duplicates. 4. Sort entries according to the primary key. @@ -34,9 +34,9 @@ The result of the _Prepare-Synchronization_ is stored in the as three files: - For every entity type of the relevant _Connector_ involved in an - [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) + [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or an - [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), + [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), a `.sorted.csv` file is generated, containing the final, cleansed and sorted result. - Duplicates are kept in a separate `.duplicates.csv` file. - Null primary key entries are kept in a separate `.nullpk.csv` file. @@ -126,15 +126,15 @@ and _manager_). | Name | Details | | ----------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --agent required | **Type** [ Agent ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) **Description** Identifier of the agent where the task runs. | -| --connector required | **Type** [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) **Description** Identifier of the linked connector. The task is linked to a connector whose entity types are synchronized. | -| --synchronization-mode required | **Type** [ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md)Mode **Description** Synchronization mode for this task can be one of the following: - Initial - Complete - Incremental This must be the same as the associated Export and Synchronize tasks. Use _initial_ if this is the first time the target managed system is synchronized. Use _complete_ to load the data from the managed system as a whole. Use _incremental_ to consider only incremental changes from the last synchronization. In _incremental_ mode, the Prepare-Synchronization task computes changes in the source managed system since the last _Prepare-Synchronization_. | +| --agent required | **Type** [Agent](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) **Description** Identifier of the agent where the task runs. | +| --connector required | **Type** [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) **Description** Identifier of the linked connector. The task is linked to a connector whose entity types are synchronized. | +| --synchronization-mode required | **Type** [Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md)Mode **Description** Synchronization mode for this task can be one of the following: - Initial - Complete - Incremental This must be the same as the associated Export and Synchronize tasks. Use _initial_ if this is the first time the target managed system is synchronized. Use _complete_ to load the data from the managed system as a whole. Use _incremental_ to consider only incremental changes from the last synchronization. In _incremental_ mode, the Prepare-Synchronization task computes changes in the source managed system since the last _Prepare-Synchronization_. | | --sources-directory default value: ExportOutput | **Type** String **Description** Directory path, relative to temp folder, from which export files to cleanse are read. See the [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topic for additional information | | --working-directory default value: Collect | **Type** String **Description** The directory path, relative to work folder, to which intermediary and cleansed files are stored. See the [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topic for additional information | | | | | --- | --- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an OpenID Connect ClientId/Secret pair, linked to a profile with the relevant permissions. See the [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an OpenID Connect ClientId/Secret pair, linked to a profile with the relevant permissions. See the [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an OpenID Connect ClientId/Secret pair, linked to a profile with the relevant permissions. See the [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an OpenID Connect ClientId/Secret pair, linked to a profile with the relevant permissions. See the [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md index f51f5335d1..48b5a49ef3 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md @@ -24,7 +24,7 @@ The output is the following : ``` -ep4BsLtg5RVFVI1kEIMZbV1q7Bg2eAFzeD73YX5fV7eklSIqcJcxHsCQbyY2zKLppXSX+Zpwm7xU5QY6DTAJleFbWsP/p0fjXUn1agy1tQ6l6t6wvURBZcePEgu+ivNjpUENbDIBotPdzbpISLJIjQbISzHDWnHuWPk/l8h0wXU=@WrAj9YdcNK8cQvfopZa5g1QFc1hk6nPolkwQAkU2ORfXupgV7kaWgKF4W/UmC0XXg4zuaqpVui6ivB0jbLTiXgQ62o+bG9ZSEJLaur4d20TMRNadqnWTWPWhVJF6XiS4jX7sDvVrZO3sKQJMNzZSeTKmsl0w0boCBEkuHsWDA24=@0oLLKxcTJGxSx1uGvhexEA== +**ep4BsLtg5RVFVI1kEIMZbV1q7Bg2eAFzeD73YX5fV7eklSIqcJcxHsCQbyY2zKLppXSX+Zpwm7xU5QY6DTAJleFbWsP/p0fjXUn1agy1tQ6l6t6wvURBZcePEgu+ivNjpUENbDIBotPdzbpISLJIjQbISzHDWnHuWPk/l8h0wXU=@WrAj9YdcNK8cQvfopZa5g1QFc1hk6nPolkwQAkU2ORfXupgV7kaWgKF4W/UmC0XXg4zuaqpVui6ivB0jbLTiXgQ62o+bG9ZSEJLaur4d20TMRNadqnWTWPWhVJF6XiS4jX7sDvVrZO3sKQJMNzZSeTKmsl0w0boCBEkuHsWDA24=@0oLLKxcTJGxSx1uGvhexEA==** ``` diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md index cdd268d738..5756bce5a4 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md @@ -8,14 +8,14 @@ sidebar_position: 310 This tool is used to encrypt a JSON file containing sensitive connection data, for example the `appsettings-agent.json` file, with -[ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md). The +[RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md). The encryption is based on the information given in your `appsettings.json` file about either a PFX file or the location of the encryption certificate in the Microsoft store. See the [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topic for additional information. This tool `Usercube-Protect-X509JsonFile` is used to encrypt a whole file, in comparison to the -[ Usercube-Protect-X509JsonValue ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md) tool that encrypts only a +[Usercube-Protect-X509JsonValue](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md) tool that encrypts only a given value. This tool is more appropriate than `Usercube-Protect-X509JsonValue` when you have many lines to encrypt. @@ -26,7 +26,7 @@ and creates the `appsettings.encrypted.agent.json` file in the same folder. ``` -./identitymanager-Protect-X509JsonFile.exe --input-json-file-path "C:/identitymanagerTraining/appsettings.agent.json" --output-json-file-path "C:/identitymanagerTraining/appsettings.encrypted.agent.json" +**./identitymanager-Protect-X509JsonFile.exe --input-json-file-path "C:/identitymanagerTraining/appsettings.agent.json" --output-json-file-path "C:/identitymanagerTraining/appsettings.encrypted.agent.json"** ``` @@ -51,9 +51,7 @@ appsettings.agent.json "ApplicationUri": "http://localhost:3000" }, "NotificationSettings": { - "Cultures": [ - "en" - ] + "Cultures": ["en"] } }, ... @@ -81,9 +79,7 @@ appsettings.encrypted.agent.json "ApplicationUri": "kxABAFAEx4fWwG/ANPVTf/WGyccDxoR2xCy+x+U3Ny1KkqnOFw+SizePTgINTzBaYHLTHABQD0GWW6U+4qiG6DpcIcdAD0VVnddqB5a+YIE0reufXYhZTrDU/9yeG6aUWIHkLl9UudC/nnW6zMrjChiJhJvT7csFKdgbqUazZT56hR0i6XS36a5h2/tTWhbZTkk1Dil5JP7xUcu5CMWyXMUvGvK8gfQozYxo/DJTOiLrWjg5ION1yx+ZqPhcIUxgYaBjxSpfT6U9YMy5mE9JGqf7W76baS9fOVr3H1DAL02icX29uJAcsw1r9k1rJQIKEhAuqTNeuqF6C6iPHJAsail+iteOJEYgBSACRz7Te4t6Hp7PBs0FfP0WY1oL+1T+p7X+HaO1jAJhE50J2AKhGNXTZfE=" }, "NotificationSettings": { - "Cultures": [ - "kxABAPwTbpFUbP9xT9HyqtTuMLKT9sVD0Qq1kCsI44d12vJEcW2MMy9K5vKakwTPeJpvY6SafELoHc7AjKnh8ZJi0/Yu4dieE5W+5uXY1uaghYJ/2VjimzIsDhvRhm90xUlaMjdFBjx4HAnxBAtEbEjifdGHxZ0L9F305hXSTORj53u76ctCE5D9HPTN3AgLmyIGv5NExwhD4sgppbf6PWjTEZ7yNcoUpkkS4pJ6BMz+PaQo26A2rMP710zQgG72an4XvxSoR3SwSm0fhLCASgYi8YOZw0j/cfxl/LrW1EQ7gyW0/Mw9v1YRNH3DkbWSeHZ3odhDWdaWkzR6yOEt5hO60eM0w8Tjoed30Jwf+enf1rJFStDe/dhg6vjUIaTn6tt1Gw==" - ] + "Cultures": ["kxABAPwTbpFUbP9xT9HyqtTuMLKT9sVD0Qq1kCsI44d12vJEcW2MMy9K5vKakwTPeJpvY6SafELoHc7AjKnh8ZJi0/Yu4dieE5W+5uXY1uaghYJ/2VjimzIsDhvRhm90xUlaMjdFBjx4HAnxBAtEbEjifdGHxZ0L9F305hXSTORj53u76ctCE5D9HPTN3AgLmyIGv5NExwhD4sgppbf6PWjTEZ7yNcoUpkkS4pJ6BMz+PaQo26A2rMP710zQgG72an4XvxSoR3SwSm0fhLCASgYi8YOZw0j/cfxl/LrW1EQ7gyW0/Mw9v1YRNH3DkbWSeHZ3odhDWdaWkzR6yOEt5hO60eM0w8Tjoed30Jwf+enf1rJFStDe/dhg6vjUIaTn6tt1Gw=="] } }, ... @@ -98,7 +94,7 @@ The login to encrypt is stored in the following format, compliant with the [appsettings.agent](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md).json structure: -appsettings.beforeEncryption.json +**appsettings.beforeEncryption.json** ``` diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md index 1901eefd45..b05947e423 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md @@ -8,7 +8,7 @@ sidebar_position: 320 This tool is used to encrypt sensitive connection data, for example data from the `appsettings.agent.json` file, with -[ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md). The +[RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md). The encryption is based on the information given in your `appsettings.json` file about either a PFX file or the location of the encryption certificate in the Microsoft store. See the [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md) @@ -25,7 +25,7 @@ the `appsettings.agent.json` file. ``` -./identitymanager-Protect-X509JsonValue.exe --values "0" "secret" +**./identitymanager-Protect-X509JsonValue.exe --values "0" "secret"** ``` @@ -72,7 +72,7 @@ The output, in the console, shows the encrypted value for the _charlotte2028_ st ``` -kxABABJR7wYaQIqNjHT/rhYVMp5Vmsao7/eBLb7JCIiHMOKbi2sC0dY0SAJgj50NQ0kEH5LS3Y3TYso98+IdnxAzpURrtNu/LUWCJo1kTLM/taygebc0MK4XbkFmWzEgzLcVhAIy8GyFgEWqgNhOx7vwSPXFRrhQTVqIjwO0QNqxlZ5s6uyQm5fk9es2o6aLL0xwbvqspReFxZwuHrguAoIvkBnaKSsDfTLSuheP6VN7yOglLHvZ8Sn9R42M2BpG/dKIHXG6i1LkxkKoVKS9gFO7Hx8VUmYgxG+qIKTRVHdpMctqWKNUJTsQkmRKs+S3qiA2mgK/iC/dp923TfigAnBLWtyXw8eKDJjZ+s6n878BIf55iEjpgOrbm5FLzj8dfqPhQw== +**kxABABJR7wYaQIqNjHT/rhYVMp5Vmsao7/eBLb7JCIiHMOKbi2sC0dY0SAJgj50NQ0kEH5LS3Y3TYso98+IdnxAzpURrtNu/LUWCJo1kTLM/taygebc0MK4XbkFmWzEgzLcVhAIy8GyFgEWqgNhOx7vwSPXFRrhQTVqIjwO0QNqxlZ5s6uyQm5fk9es2o6aLL0xwbvqspReFxZwuHrguAoIvkBnaKSsDfTLSuheP6VN7yOglLHvZ8Sn9R42M2BpG/dKIHXG6i1LkxkKoVKS9gFO7Hx8VUmYgxG+qIKTRVHdpMctqWKNUJTsQkmRKs+S3qiA2mgK/iC/dp923TfigAnBLWtyXw8eKDJjZ+s6n878BIf55iEjpgOrbm5FLzj8dfqPhQw==** ``` diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/refreshschema/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/refreshschema/index.md index 88e031c248..e366e96ce2 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/refreshschema/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/refreshschema/index.md @@ -22,11 +22,11 @@ The credentials used to connect to the connection come from the | Name | Details | | -------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --connection-id \*required | **Type** Integer **Description** Id of a connection whose schemas are updated. See the [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. | +| --connection-id \*required | **Type** Integer **Description** Id of a connection whose schemas are updated. See the [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. | | | | | --- | --- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/send-passwordnotification/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/send-passwordnotification/index.md index ec77188dea..f429da2373 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/send-passwordnotification/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/send-passwordnotification/index.md @@ -27,7 +27,7 @@ For the notification to be sent, the server set at **appsettings** > **Applicati running. The [Resource Type Mappings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/index.md) should have an associated -[ Password Reset Settings ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md). +[Password Reset Settings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md). For the notification to be sent, the password reset settings should at least contain a notified email binding. diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/update-entitypropertyexpressions/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/update-entitypropertyexpressions/index.md index 1217b6b9f0..11375b7442 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/update-entitypropertyexpressions/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/update-entitypropertyexpressions/index.md @@ -16,7 +16,7 @@ string, for all entity types. ``` -./identitymanager-Update-EntityPropertyExpressions.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a +**./identitymanager-Update-EntityPropertyExpressions.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a** ``` @@ -35,7 +35,7 @@ string, for all entity types. | --batch-size (-q) default value: 5000 | **Type** Int32 **Description** Batch size for queries. [See more details](https://docs.microsoft.com/en-us/azure/azure-sql/performance-improve-use-batching). | | --dirty optional | **Type** No Value **Description** Applies the tool incrementally by applying it only to resources marked as dirty, i.e. recently modified. | | --entitytype-list optional | **Type** String List **Description** List of entity types that the tool is to be applied to. **Note:** required when `--all-entityType` is not specified. | -| --resource-identity-property optional | **Type** String **Description** Property used to override the resource identity property set in the [ Select User by Identity Query Handler Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md). | +| --resource-identity-property optional | **Type** String **Description** Property used to override the resource identity property set in the [Select User by Identity Query Handler Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md). | | | | | --- | --- | | --log-level optional | **Type** LogLevel **Description** Level of log information among: `Verbose`; `Debug`; `Information`; `Warning`; `Error`; `Fatal`. | diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/upgrade-configurationversion/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/upgrade-configurationversion/index.md index 144110c6f2..be665c82a5 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/upgrade-configurationversion/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/upgrade-configurationversion/index.md @@ -13,7 +13,7 @@ latest version. ``` -./identitymanager-Upgrade-ConfigurationVersion.exe --version "5.1.0" --xml-path "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/Conf2" +**./identitymanager-Upgrade-ConfigurationVersion.exe --version "5.1.0" --xml-path "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/Conf2"** ``` diff --git a/docs/identitymanager/6.2/integration-guide/executables/references/upgrade-databaseversion/index.md b/docs/identitymanager/6.2/integration-guide/executables/references/upgrade-databaseversion/index.md index 88722321fd..1747848dff 100644 --- a/docs/identitymanager/6.2/integration-guide/executables/references/upgrade-databaseversion/index.md +++ b/docs/identitymanager/6.2/integration-guide/executables/references/upgrade-databaseversion/index.md @@ -16,7 +16,7 @@ folder of the newest version and launch the tool with the following argument: ``` -./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" +**./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString"** ``` @@ -30,7 +30,7 @@ The following example runs the database upgrade tool only for backward compatibl ``` -./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges +**./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges** ``` @@ -42,7 +42,7 @@ useful only when specifying `--mode BackwardCompatibleChanges`. ``` -./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges --execute-predefined +**./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges --execute-predefined** ``` diff --git a/docs/identitymanager/6.2/integration-guide/governance/accesscertification/index.md b/docs/identitymanager/6.2/integration-guide/governance/accesscertification/index.md index e5e93a9f8b..a03b0e8530 100644 --- a/docs/identitymanager/6.2/integration-guide/governance/accesscertification/index.md +++ b/docs/identitymanager/6.2/integration-guide/governance/accesscertification/index.md @@ -23,7 +23,7 @@ you can choose to focus on: - A certain type of assignment - Assignments not certified since a certain date - Assignments presenting a certain level of risk. See the - [ Manage Risks ](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md) topic for additional + [Manage Risks](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md) topic for additional information. Identity Manager uses an access certification campaign to define the campaign's scope including: @@ -58,12 +58,12 @@ At least one Identity Manager profile needs permissions to create campaigns. Such permission can be granted using the AccessReviewAdministrationAccessControlRules scaffolding. See the -[ Access Review Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) +[Access Review Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) topic for additional information. The administrator profile, created with CreateAdministratorProfile scaffolding, already has these permissions. See the -[ Create Administrator Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) +[Create Administrator Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) topic for additional information. If you are not using the AccessReviewAdministrationAccessControlRules scaffolding, the user cannot @@ -175,7 +175,7 @@ assigned ones. Scopes of responsibility can also be defined in terms of access certification campaign policy. See the -[ AccessCertificationCampaignPolicy ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationcampaignpolicy/index.md) +[AccessCertificationCampaignPolicy](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationcampaignpolicy/index.md) topic for additional information. Assigning an access certification campaign policy to an access certification campaign allows the @@ -239,5 +239,5 @@ topic for additional information. This permission also is given by the AccessReviewAdministrationAccessControlRules scaffolding. See the -[ Access Review Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) +[Access Review Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/governance/index.md b/docs/identitymanager/6.2/integration-guide/governance/index.md index ae74cc9d77..02a9f26b54 100644 --- a/docs/identitymanager/6.2/integration-guide/governance/index.md +++ b/docs/identitymanager/6.2/integration-guide/governance/index.md @@ -49,4 +49,4 @@ security risk. The module facilitates the analysis and mitigation of different k as Segregation of Duties (SoD) or High Privilege. Risks can be used to identify sensitive assignments that should be reviewed first during a certification campaign. -See the [ Risk Management ](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) topic to learn how to configure risks. +See the [Risk Management](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) topic to learn how to configure risks. diff --git a/docs/identitymanager/6.2/integration-guide/governance/reporting/analyze-powerbi/index.md b/docs/identitymanager/6.2/integration-guide/governance/reporting/analyze-powerbi/index.md index 51e656a6d5..38f0ce918e 100644 --- a/docs/identitymanager/6.2/integration-guide/governance/reporting/analyze-powerbi/index.md +++ b/docs/identitymanager/6.2/integration-guide/governance/reporting/analyze-powerbi/index.md @@ -41,25 +41,31 @@ Integrators need to know: display, etc. from both Identity Manager-hard-coded and customized parts - what data needs to be displayed in the end -**NOTE:** Power BI is able to analyze all Identity Manager's data, hard-coded and customized, but +:::note +Power BI is able to analyze all Identity Manager's data, hard-coded and customized, but only current data, i.e. nothing from the history. +::: + ## Analyze Identity Manager's Data with Power BI Build the universe model by proceeding as follows: **Step 1 –** Define the appropriate universes using scaffoldings. See the -[ Queries ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) topic +[Queries](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) topic for additional information. -_Remember,_ in order to understand business intelligence, with its universes, entity instances and +:::tip +Remember, in order to understand business intelligence, with its universes, entity instances and association instances. See the -[ Universe ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) topic +[Universe](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) topic for additional information. Also note that XML objects that automatically generate XML snippets that would be complex and/or tedious to write manually. See the[Scaffoldings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md) topic for additional information. +::: + Netwrix recommends creating no more than one universe to generate one report, to prevent issues about name uniqueness. @@ -111,7 +117,7 @@ This is how you analyze Identity Manager data through Power BI. In order to maintain the model you must remember the ones listed below. -Refresh data +**Refresh data** You must define, in Power BI Service or Report Server, a frequency for data refresh so that reports display up-to-date data. See the @@ -120,7 +126,7 @@ additional information. Data is often refreshed once a day. Define the refresh frequency according to your needs. -Foresee the Impact of Model Modifications +**Foresee the Impact of Model Modifications** A change inside an existing entity, for example adding a scalar field, does not require any particular actions on the universe model. @@ -128,5 +134,5 @@ particular actions on the universe model. A change in an association requires making the corresponding change in the universe model, as association instances (in the universe model) are based on entity associations in Identity Manager's data model. See the -[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/governance/reporting/connect-powerbi/index.md b/docs/identitymanager/6.2/integration-guide/governance/reporting/connect-powerbi/index.md index b365eefbd3..68f6a6a8dd 100644 --- a/docs/identitymanager/6.2/integration-guide/governance/reporting/connect-powerbi/index.md +++ b/docs/identitymanager/6.2/integration-guide/governance/reporting/connect-powerbi/index.md @@ -40,14 +40,14 @@ Connect Power BI to Identity Manager by proceeding as follows: ![Server URL](/img/product_docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/powerbi_url.webp) 5. In the opening window, enter the - [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md)of + [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md)of the `Administrator` profile. The `Client Id` expects the concatenation of the identifier of `OpenIdClient` with `@` and Identity Manager's domain name. See the following example. ![Client Id / Client Secret](/img/product_docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/powerbi_clientid.webp) 6. You can now access in the left panel the - [ Universe ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md)from + [Universe](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md)from Identity Manager configuration. You can click on the desired universe to expand it, and view and pick the desired tables. diff --git a/docs/identitymanager/6.2/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md b/docs/identitymanager/6.2/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md index 84159077a9..d6969f149f 100644 --- a/docs/identitymanager/6.2/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md +++ b/docs/identitymanager/6.2/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md @@ -35,25 +35,31 @@ Integrators need to know: display, etc. from both Identity Manager-hard-coded and customized parts - what data needs to be displayed in the end -**NOTE:** Power BI is able to analyze all Identity Manager's data, hard-coded and customized, but +:::note +Power BI is able to analyze all Identity Manager's data, hard-coded and customized, but only current data, i.e. nothing from the history. +::: + ## Analyze Identity Manager's Data with Power BI Build the universe model by proceeding as follows: **Step 1 –** Define the appropriate universes using scaffoldings. See the -[ Queries ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) topic +[Queries](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) topic for additional information. -_Remember,_ in order to understand business intelligence, with its universes, entity instances and +:::tip +Remember, in order to understand business intelligence, with its universes, entity instances and association instances. See the -[ Universe ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) topic +[Universe](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) topic for additional information. Also note that XML objects that automatically generate XML snippets that would be complex and/or tedious to write manually. See the[Scaffoldings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md) topic for additional information. +::: + Netwrix recommends creating no more than one universe to generate one report, to prevent issues about name uniqueness. @@ -105,7 +111,7 @@ This is how you analyze Identity Manager data through Power BI. In order to maintain the model you must remember the ones listed below. -Refresh data +**Refresh data** You must define, in Power BI Service or Report Server, a frequency for data refresh so that reports display up-to-date data. See the @@ -114,7 +120,7 @@ additional information. Data is often refreshed once a day. Define the refresh frequency according to your needs. -Foresee the Impact of Model Modifications +**Foresee the Impact of Model Modifications** A change inside an existing entity, for example adding a scalar field, does not require any particular actions on the universe model. @@ -122,5 +128,5 @@ particular actions on the universe model. A change in an association requires making the corresponding change in the universe model, as association instances (in the universe model) are based on entity associations in Identity Manager's data model. See the -[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/governance/reporting/how-tos/connect-powerbi/index.md b/docs/identitymanager/6.2/integration-guide/governance/reporting/how-tos/connect-powerbi/index.md index 76b13d25a3..7ebe4ac4da 100644 --- a/docs/identitymanager/6.2/integration-guide/governance/reporting/how-tos/connect-powerbi/index.md +++ b/docs/identitymanager/6.2/integration-guide/governance/reporting/how-tos/connect-powerbi/index.md @@ -34,14 +34,14 @@ Connect Power BI to Identity Manager by proceeding as follows: ![Server URL](/img/product_docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/powerbi_url.webp) 5. In the opening window, enter the - [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md)of + [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md)of the `Administrator` profile. The `Client Id` expects the concatenation of the identifier of `OpenIdClient` with `@` and Identity Manager's domain name. See the following example. ![Client Id / Client Secret](/img/product_docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/powerbi_clientid.webp) 6. You can now access in the left panel the - [ Universe ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md)from + [Universe](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md)from Identity Manager configuration. You can click on the desired universe to expand it, and view and pick the desired tables. diff --git a/docs/identitymanager/6.2/integration-guide/governance/reporting/index.md b/docs/identitymanager/6.2/integration-guide/governance/reporting/index.md index c5afa4ae63..31b1b7bc44 100644 --- a/docs/identitymanager/6.2/integration-guide/governance/reporting/index.md +++ b/docs/identitymanager/6.2/integration-guide/governance/reporting/index.md @@ -8,7 +8,7 @@ sidebar_position: 10 The Reporting module is used to generate basic reports in CSV using [API query grammar](/docs/identitymanager/6.2/integration-guide/api/squery/index.md), or advanced reports using the -[ Business Intelligence ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/index.md) module. +[Business Intelligence](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/index.md) module. -See the [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for +See the [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information on generating reports. diff --git a/docs/identitymanager/6.2/integration-guide/governance/review-prolonged-entitlements/index.md b/docs/identitymanager/6.2/integration-guide/governance/review-prolonged-entitlements/index.md index b2218cd9d3..fa1d7966e8 100644 --- a/docs/identitymanager/6.2/integration-guide/governance/review-prolonged-entitlements/index.md +++ b/docs/identitymanager/6.2/integration-guide/governance/review-prolonged-entitlements/index.md @@ -16,7 +16,7 @@ the users are supposed to lose the role, then they keep it for the time defined and the role's workflow state switches from `Automatic` to `Prolonged`. Then a manager must access these entitlements in the **Role Review** screen, to either approve or decline the role prolongation. See the -[ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for +[Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. ## Assign the Right to Review Prolonged Entitlements diff --git a/docs/identitymanager/6.2/integration-guide/governance/risks/index.md b/docs/identitymanager/6.2/integration-guide/governance/risks/index.md index 1057c4b0e3..af67199a3d 100644 --- a/docs/identitymanager/6.2/integration-guide/governance/risks/index.md +++ b/docs/identitymanager/6.2/integration-guide/governance/risks/index.md @@ -13,7 +13,7 @@ with a risk-based method. ## Overview -A [ Risk ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) describes a sensitive +A [Risk](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) describes a sensitive situation of entitlement assignments that needs to be monitored. Risk management is essential to auditing. End-users can define models of risks, assigned to @@ -28,13 +28,13 @@ current request. The higher the score, the higher the threat. The identities wit scores are the priority of the next [Access Certification](/docs/identitymanager/6.2/integration-guide/governance/accesscertification/index.md) campaign. -See the [ Manage Risks ](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md)topic for additional +See the [Manage Risks](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md)topic for additional information on how to use the risk management module to identify entitlement assignments that pose a security risk. ## Risk Definition -A [ Risk ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) is an object that describes a +A [Risk](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) is an object that describes a sensitive situation of assignments of entitlements. The assignment of a risk to an identity highlights, for a potential auditor, the need to closely @@ -123,7 +123,7 @@ risk that would have been blocking otherwise, is just a warning. ### Risk Rules -[ Risk ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) are assigned to resources +[Risk](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) are assigned to resources manually by a knowledgeable user or automatically, by the [Evaluate Policy](/docs/identitymanager/6.2/integration-guide/role-assignment/evaluate-policy/index.md) algorithm. @@ -131,7 +131,7 @@ When a risk is assigned to a resource, a new identified risk is created under th `UP_IdentifiedRisks` table. Automatic assignment of risks is based on -[ Risk ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) rules. For each new +[Risk](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) rules. For each new fine-grained assignment on a resource, risk rules are applied. If one of the rules matches the resource state, the related risks are assigned to the resource. Those rules are themselves based on fine-grained entitlements, such as an Active Directory account or group membership, modeled by the @@ -154,7 +154,7 @@ resource-identity. This is the way: -1. Choose an [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) of which +1. Choose an [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) of which the resource-identity could be owner. 2. Choose a navigation property of that entity type. 3. Choose a value for that navigation property. The value would be a resource from the unified @@ -165,7 +165,7 @@ navigation property and the ownership relationship. ## Risk Score -Once [ Risk ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) are assigned to +Once [Risk](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) are assigned to identities, Identity Manager computes a risk score for each relevant identity. This score allows an auditor to prioritize the diff --git a/docs/identitymanager/6.2/integration-guide/identity-management/identity-repository/index.md b/docs/identitymanager/6.2/integration-guide/identity-management/identity-repository/index.md index 5582520f82..813fbe0c9f 100644 --- a/docs/identitymanager/6.2/integration-guide/identity-management/identity-repository/index.md +++ b/docs/identitymanager/6.2/integration-guide/identity-management/identity-repository/index.md @@ -35,14 +35,14 @@ The identity repository can be created and updated by: Netwrix Identity Manager (formerly Usercube) recommends creating the identity repository by downloading the provided Excel file, filling it with HR information, and uploading it back. See the -[ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) +[Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic to learn how to create the workforce repository. Then perform mass updates with the same kind of process, and update an Individual Identity via Identity Manager's workflows. See the -[ Update Identities in Bulk ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md) +[Update Identities in Bulk](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md) and -[ Update an Individual Identity ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md)topics +[Update an Individual Identity](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md)topics for additional information. ### Useful data diff --git a/docs/identitymanager/6.2/integration-guide/identity-management/index.md b/docs/identitymanager/6.2/integration-guide/identity-management/index.md index 644b0abf5f..10ee4194e4 100644 --- a/docs/identitymanager/6.2/integration-guide/identity-management/index.md +++ b/docs/identitymanager/6.2/integration-guide/identity-management/index.md @@ -14,15 +14,15 @@ company. "Identities' lifecycles" mean any Joiners, Movers and Leavers (JML) process, i.e. staff changes, i.e. any user's onboarding, position modification and offboarding. -See the [ Identity Repository ](/docs/identitymanager/6.2/integration-guide/identity-management/identity-repository/index.md) topic for additional information. -See the [ Identity Lifecycle: Joiners, Movers and Leavers ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/index.md) topic +See the [Identity Repository](/docs/identitymanager/6.2/integration-guide/identity-management/identity-repository/index.md) topic for additional information. +See the [Identity Lifecycle: Joiners, Movers and Leavers](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/index.md) topic for additional information on how Identity Manager handles the Joiners, Movers and Leavers (JML) process. Identities in Identity Manager are mostly humans, both internal and external workers, but can also be applications, bots, service accounts, or anything. -Identities are stored in the database as [ Resources ](/docs/identitymanager/6.2/integration-guide/resources/index.md), which helps with +Identities are stored in the database as [Resources](/docs/identitymanager/6.2/integration-guide/resources/index.md), which helps with Identity Manager's internal mechanisms, for example to modelize identities with [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md) types. @@ -31,7 +31,7 @@ Additional interesting parts of identity management are: - the synchronization of identity changes through several repositories, for example both Identity Manager and the AD; - the provisioning of identity properties directly to the connected systems, based on the - computation of the [ Role Model ](/docs/identitymanager/6.2/integration-guide/role-model/index.md). + computation of the [Role Model](/docs/identitymanager/6.2/integration-guide/role-model/index.md). See the [Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/index.md b/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/index.md index 90401e9462..fb78d1bb2c 100644 --- a/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/index.md +++ b/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/index.md @@ -12,6 +12,6 @@ records. In Identity Manager, the JML process is done through workflows or through synchronization to the HR system. -See the [ Onboarding and Offboarding ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md) and -[ Position Change via Records ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topics for additional information on +See the [Onboarding and Offboarding](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md) and +[Position Change via Records](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topics for additional information on onboarding and offboarding and position changes via records. diff --git a/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md b/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md index c809ce6946..d5aae27281 100644 --- a/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md +++ b/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md @@ -29,7 +29,7 @@ The automation of the entitlement assignment processes can be really helpful. Ho not be looking for a full automation, but rather the smart automation of basic assignments such as "birthrights", while the sensitive ones keep a manual process. -See the [ Automate Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md) +See the [Automate Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md) topic for additional information about the assignment automation. ## Offboarding @@ -51,8 +51,8 @@ the user's contract in the company. These dates should then be part of entity types' properties (for example as `StartDate` and `EndDate`), in order to be used in -[ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) and -[ Context Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md). +[Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) and +[Context Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md). ![Identities - Validity Period](/img/product_docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/validityperiod.webp) diff --git a/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md b/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md index efa9bddb60..f8bf4ddbc5 100644 --- a/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md +++ b/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md @@ -24,7 +24,7 @@ with an automated fulfillment. Identity Manager's calculations for entitlement assignments rely on heuristics, through identities' key properties called -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md). +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md). > For example, consider an entity type modeling identities with their job title, department and > location. @@ -167,8 +167,8 @@ A change to be effective in future can trigger the creation of a new record. ### Configuration This identity model can be implemented by configuring a -[ Context Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) and -[ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md): +[Context Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) and +[Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md): ```` diff --git a/docs/identitymanager/6.2/integration-guide/modules/index.md b/docs/identitymanager/6.2/integration-guide/modules/index.md index 7a80f61481..9970c11918 100644 --- a/docs/identitymanager/6.2/integration-guide/modules/index.md +++ b/docs/identitymanager/6.2/integration-guide/modules/index.md @@ -17,4 +17,4 @@ logging. To use these integration modules, they just need to be configured in Id ## Logging -- [ Export Logs to a Log Management System ](/docs/identitymanager/6.2/integration-guide/monitoring/qradar-setting/index.md) +- [Export Logs to a Log Management System](/docs/identitymanager/6.2/integration-guide/monitoring/qradar-setting/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/monitoring/index.md b/docs/identitymanager/6.2/integration-guide/monitoring/index.md index aa6f73f8aa..2a0efc3856 100644 --- a/docs/identitymanager/6.2/integration-guide/monitoring/index.md +++ b/docs/identitymanager/6.2/integration-guide/monitoring/index.md @@ -9,7 +9,7 @@ sidebar_position: 150 Identity Manager uses [Serilog](https://github.com/serilog/), a highly customizable logging tool, to provide monitoring capabilities. -See the [ References: Logs ](/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md) topic for additional information on the list of +See the [References: Logs](/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md) topic for additional information on the list of existing logs. ## Introduction @@ -159,17 +159,14 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Network" - ], + "Using": ["Serilog.Sinks.Network"], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Destination1", "Args": { "uri": "192.168.13.110", @@ -184,14 +181,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - } - ] + }] } } ``` @@ -205,17 +199,14 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Network" - ], + "Using": ["Serilog.Sinks.Network"], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Logger1", "Args": { "configureLogger": { @@ -230,14 +221,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - } - ] + }] } } }, @@ -248,8 +236,7 @@ appsettings.json "MinimumLevel": { "Default": "Information" }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Destination2", "Args": { "uri": "192.168.13.100", @@ -264,14 +251,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Test') and EventId.Id >= 800" } - } - ] + }] } } } @@ -295,15 +279,13 @@ on the **Monitoring** screen. { ... "Serilog": { - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true, } - } - ] + }] } } ``` @@ -312,7 +294,7 @@ on the **Monitoring** screen. QRadar is a supported destination for Identity Manager's logs. -See the [ Export Logs to a Log Management System ](/docs/identitymanager/6.2/integration-guide/monitoring/qradar-setting/index.md) topic to learn +See the [Export Logs to a Log Management System](/docs/identitymanager/6.2/integration-guide/monitoring/qradar-setting/index.md) topic to learn how to send Identity Manager's logs to your QRadar system. Three output formats are available for QRadar-routed logs: @@ -332,17 +314,14 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Network" - ], + "Using": ["Serilog.Sinks.Network"], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Logger", "Args": { "configureLogger": { @@ -357,14 +336,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - } - ] + }] } } } @@ -385,9 +361,7 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Syslog" - ], + "Using": ["Serilog.Sinks.Syslog"], "MinimumLevel": { "Default": "Error", "Override": { @@ -461,15 +435,13 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true, } - } - ] + }] } } ``` @@ -486,7 +458,7 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ "Console" ], + "WriteTo": ["Console"], }, "LogsPath": "C:/inetpub/logs/LogFiles" } @@ -503,18 +475,16 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ "Console" ], - "Using": [ "Serilog.Sinks.File" ], + "WriteTo": ["Console"], + "Using": ["Serilog.Sinks.File"], "MinimumLevel": "Error", - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true } - } - ] + }] } } ``` @@ -531,18 +501,16 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ "Console" ], - "Using": [ "Serilog.Sinks.File" ], + "WriteTo": ["Console"], + "Using": ["Serilog.Sinks.File"], "MinimumLevel": "Error", - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true } - } - ] + }] } } ``` @@ -563,8 +531,7 @@ appsettings.json "Usercube": "Debug" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Async", "Args": { "configure": [ @@ -575,8 +542,7 @@ appsettings.json "shared: true, "buffered": "true" } - } - ] + }] } }, { diff --git a/docs/identitymanager/6.2/integration-guide/monitoring/qradar-setting/index.md b/docs/identitymanager/6.2/integration-guide/monitoring/qradar-setting/index.md index 8e9027f3a3..b5238811af 100644 --- a/docs/identitymanager/6.2/integration-guide/monitoring/qradar-setting/index.md +++ b/docs/identitymanager/6.2/integration-guide/monitoring/qradar-setting/index.md @@ -18,7 +18,7 @@ Supported log management systems are: ## Overview Typically, a Serilog configuration includes three parts: **MinimumLevel**, **Using** and -**WriteTo**. See the [ Monitoring ](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. +**WriteTo**. See the [Monitoring](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. ### Usercube's DSM in QRadar @@ -27,7 +27,7 @@ Identity Manager's logs, when producing a JSON output. Logs can be sent into QRadar without using Identity Manager's DSM in QRadar, but the logs just won't be parsed. Not all Identity Manager's logs can be sent to QRadar. See the -[ References: Logs ](/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md) topic for additional information. +[References: Logs](/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md) topic for additional information. In order to get Identity Manager's DSM, import from QRadar the `Usercube_1.0.0.zip` file, accessible in the `Runtime` folder. Identity Manager's DSM is set to automatically detect the source. This @@ -56,7 +56,7 @@ Export logs to a log management system by proceeding as follows: ``` 2. In the **Serilog** section, add a **Using** section to contain the used sink which depends on the - logs' destination, output format, etc. See the list of supported [ Monitoring ](/docs/identitymanager/6.2/integration-guide/monitoring/index.md). + logs' destination, output format, etc. See the list of supported [Monitoring](/docs/identitymanager/6.2/integration-guide/monitoring/index.md). Concerning QRadar, Netwrix Identity Manager (formerly Usercube) strongly recommends using the JSON format, as it can be parsed by Identity Manager's DSM or easily by a homemade parser. @@ -70,9 +70,8 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > ... > } > ... @@ -89,10 +88,9 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Console", + > "Using": [> "Serilog.Sinks.Console", > "Serilog.Sinks.Splunk.Durable" - > ], + >], > ... > } > ... @@ -106,7 +104,7 @@ Export logs to a log management system by proceeding as follows: **MinimumLevel** set to `Information`, or lower. > For example, we can define the logs' minimum level to `Information`. This way, all logs from - > the [ References: Logs ](/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md) with `Information` level or higher are + > the [References: Logs](/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md) with `Information` level or higher are > sent. > > ``` @@ -116,9 +114,8 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { @@ -146,17 +143,15 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { > "Usercube": "Information" > } > }, - > "WriteTo": [ - > { + > "WriteTo": [> { > "Name": "UDPSink", > "Args": { > "uri": "192.168.13.110", @@ -164,7 +159,7 @@ Export logs to a log management system by proceeding as follows: > "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" > } > } - > ] + >] > } > } > @@ -180,9 +175,8 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { @@ -217,17 +211,15 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { > "Usercube": "Information" > } > }, - > "WriteTo": [ - > { + > "WriteTo": [> { > "Name": "SplunkEventCollector", > "Args": { > "splunkHost": , @@ -235,7 +227,7 @@ Export logs to a log management system by proceeding as follows: > "bufferFileFullName": "log-buffer.txt" > } > } - > ] + >] > } > } > @@ -243,14 +235,14 @@ Export logs to a log management system by proceeding as follows: 5. When needing to restrict the logs sent to the system, add a filter and wrap all **WriteTo** configuration into a sub-logger, in which case the **Name** at **WriteTo**'s root must be - `Logger`. See the [ Monitoring ](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. + `Logger`. See the [Monitoring](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. For all formats, in order to send only the right logs using the specified filter, the **WriteTo** part must contain a sub-logger with its own filter. Otherwise, the filter will be applied to all sinks. For example, among Identity Manager's logs, only the logs described in the e - [ References: Logs ](/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md) can be parsed by QRadar's DSM and should be used + [References: Logs](/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md) can be parsed by QRadar's DSM and should be used by a SIEM system. Hence the importance of having a filter and a sub-logger. Never include logs with event ids inferior to 500, in order not to be overwhelmed with logs @@ -265,17 +257,15 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { > "Usercube": "Information" > } > }, - > "WriteTo": [ - > { + > "WriteTo": [> { > "Name": "Logger", > "Args": { > "configureLogger": { @@ -288,13 +278,12 @@ Export logs to a log management system by proceeding as follows: > "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" > } > } - > ], - > "Filter": [ - > { + >], + > "Filter": [> { > "Name": "ByIncludingOnly", > "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } > } - > ] + >] > } > } > } @@ -320,17 +309,15 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { > "Usercube": "Information" > } > }, - > "WriteTo": [ - > { + > "WriteTo": [> { > "Name": "Logger", > "Args": { > "configureLogger": { @@ -346,13 +333,12 @@ Export logs to a log management system by proceeding as follows: > "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" > } > } - > ], - > "Filter": [ - > { + >], + > "Filter": [> { > "Name": "ByIncludingOnly", > "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } > } - > ] + >] > } > } > } diff --git a/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md b/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md index 022fa7a4fb..72e08fbcb3 100644 --- a/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md +++ b/docs/identitymanager/6.2/integration-guide/monitoring/references/index.md @@ -13,11 +13,11 @@ for example QRadar. The description will use this template for each log: -EventId id: int +**EventId id: int** EventId name: string -LogLevel: Trace||Verbose||Debug||Information||Warning||Error||Critical +**LogLevel: Trace||Verbose||Debug||Information||Warning||Error||Critical** Arguments: @@ -26,15 +26,15 @@ Arguments: - argument3 (string): description3 (string) The EventId id must be unique so we could use it to filter the logs we send. See the -[ Monitoring ](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. +[Monitoring](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. #### 500 -EventId id: 500 +**EventId id: 500** EventId name: Workflow.StartWorkflowInstance -LogLevel: Information +**LogLevel: Information** Arguments: @@ -46,11 +46,11 @@ Arguments: #### 501 -EventId id: 501 +**EventId id: 501** EventId name: Workflow.ResumeWorkflowInstance -LogLevel: Information +**LogLevel: Information** Arguments: @@ -62,11 +62,11 @@ Arguments: #### 502 -EventId id: 502 +**EventId id: 502** EventId name: SelectEntityByIdQueryHandler.Handle -LogLevel: Information +**LogLevel: Information** Arguments: @@ -76,11 +76,11 @@ Arguments: #### 503 -EventId id: 503 +**EventId id: 503** EventId name: SelectEntityByIdQueryHandler.Handle -LogLevel: Error +**LogLevel: Error** Arguments: diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md index 87a3c20972..3d1f37a980 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md @@ -38,11 +38,11 @@ ignored, but it can still be used to store information for human use. | Name | Type | Description | | ------------------------------- | ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Connections optional | List of Connections | Connection information of all the systems managed by this agent, for synchronization and fulfillment configuration. This section contains a subsection for each connection containing the connection's agent settings. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "Connections": {     …     "": {       "": "":        …     }   } }` Example: `{   …   "Connections": {     …     "Directory": {       "Path": "C:\UsercubeDemo\Sources\Directory.xlsx"     },     "ServiceNowExportFulfillment": {       "Server": "https://INSTANCE.service-now.com/api/now/table",       "Login": "LOGIN",       "Password": "PASSWORD"     }   } }` See the [Create a Connection](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md)and [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topics for additional information. | +| Connections optional | List of Connections | Connection information of all the systems managed by this agent, for synchronization and fulfillment configuration. This section contains a subsection for each connection containing the connection's agent settings. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "Connections": {     …     "": {       "": "":        …     }   } }` Example: `{   …   "Connections": {     …     "Directory": {       "Path": "C:\UsercubeDemo\Sources\Directory.xlsx"     },     "ServiceNowExportFulfillment": {       "Server": "https://INSTANCE.service-now.com/api/now/table",       "Login": "LOGIN",       "Password": "PASSWORD"     }   } }` See the [Create a Connection](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md)and [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topics for additional information. | | Databases optional | List of Databases | Names and connection strings of all databases used by the agent through InvokeSqlCommandTask, other than Identity Manager's database and other than the databases provided in Identity Manager's available packages. This subsection contains a subsection for each additional database. **NOTE:** The Database is a subsection of the Connections section mentioned above. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "Databases": {     "": ""   } }` Example: `{   …   "Databases": {     "UsercubeContoso": "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;"   } }` | | OpenId optional | OpenId | OpenId information, i.e. the ClientIds and related ClientSecrets that the agent may use to authenticate to the server in order to launch jobs and tasks. In order to launch jobs and tasks, the profiles related to these OpenId credentials must possess the required permissions. | | PasswordResetSettings optional | PasswordResetSettings | Parameters which configure the reset password process for the managed systems that support it. | -| SourcesRootPaths optional | String Array | List of folder paths from which Identity Manager is allowed to read. This option is used to validate the sources files defined in file-based connections. These paths are case sensitive. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "SourcesRootPaths": [ "C:/identitymanagerContoso/SourceHR", "C:/identitymanagerContoso/SourcesPhone" ]  }` | +| SourcesRootPaths optional | String Array | List of folder paths from which Identity Manager is allowed to read. This option is used to validate the sources files defined in file-based connections. These paths are case sensitive. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "SourcesRootPaths": ["C:/identitymanagerContoso/SourceHR", "C:/identitymanagerContoso/SourcesPhone"]  }` | | TaskAgentConfiguration optional | TaskAgentConfiguration | Various settings to customize the behavior of some agent tasks. | ## OpenId @@ -93,7 +93,10 @@ Encryption certificate information can be set in one of two ways: | StoreName required | String | Name of the relevant Windows certificate. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "StoreName": ""   } }` | | Thumbprint Required if DistinguishedName is empty | String | Thumbprint of the certificate. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     "Thumbprint": "<6261A70E599642A21A57A605A73B6D2AE7C5C450>"     …   } }` | -_Remember,_ Netwrix recommends using Windows' certificate store. +:::tip +Remember, Netwrix recommends using Windows' certificate store. +::: + On the other hand, the PFX file takes priority over Windows' certificate, which means that when `File` is specified then the PFX certificate is used, even if the options for Windows' certificate @@ -108,7 +111,7 @@ In both ways, missing and/or incorrect settings trigger an error and no certific | FromAddress Required if PickupDirectory is empty | String | Email address used by Identity Manager to send notifications. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "FromAddress": "",       …     }   } }` | | Host Required if PickupDirectory is empty | String | SMTP server domain name or an IP address. To be used only when UseSpecifiedPickupDirectory is set to false. | | Password Required | String | Password that Identity Manager will use to login to the SMTP server. used only when the SMTP server is password-protected and UseSpecifiedPickupDirectory is set to false. | -| PickupDirectory Required if FromAddress/Host are empty | | Path to the pickup directory. See the [ Send Notifications ](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md) topic for additional information. See more details on the pickup directory feature. To be used only when UseSpecifiedPickupDirectory is set to true. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "PickupDirectory": "<../Mails>",       …     }   } }` | +| PickupDirectory Required if FromAddress/Host are empty | | Path to the pickup directory. See the [Send Notifications](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md) topic for additional information. See more details on the pickup directory feature. To be used only when UseSpecifiedPickupDirectory is set to true. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "PickupDirectory": "<../Mails>",       …     }   } }` | | Username required | String | Username for Identity Manager to login to the SMTP server. Used only when the SMTP server is password-protected and UseSpecifiedPickupDirectory is set to false. | | AllowedDomains optional | String | List of domains to which the SMTP server is authorized to send emails. Domain names must be separated by `;`. | | CatchAllAddress optional | String | Catch-all address that will receive all of Identity Manager's emails instead of usual users. this is helpful for testing before going live. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "CatchAllAddress": "",       …     }   } }` | @@ -118,7 +121,7 @@ In both ways, missing and/or incorrect settings trigger an error and no certific | SecureSocketOption default value: Auto | String | Specifies the encryption strategy to connect to the SMTP server. If set, this takes priority over EnableSsl. None: No SSL or TLS encryption should be used. Auto: Allow the mail service to decide which SSL or TLS options to use (default). If the server does not support SSL or TLS, then the connection will not be encrypted. SslOnConnect: The connection should use SSL or TLS encryption immediately. StartTls: Elevates the connection to use TLS encryption immediately after reading the greeting and capabilities of the server. If the server does not support the STARTTLS extension, then the connection will fail and a NotSupportedException will be thrown. StartTlsWhenAvailable: Elevates the connection to use TLS encryption immediately after reading the greeting and capabilities of the server, but only if the server supports the STARTTLS extension. **NOTE:** To be used only when UseSpecifiedPickupDirectory is set to false. | | Port default value: 0 | String | SMTP server port. **NOTE:** To be used only when UseSpecifiedPickupDirectory is set to false. | | UseDefaultCredentials default value: False | Boolean | True to use the default username/password pair to login to the SMTP server. When set to false, Windows authentication is used. **NOTE:** To be used only when UseSpecifiedPickupDirectory is set to false. | -| UseSpecifiedPickupDirectory default value: False | Boolean | True to write emails as local files in the specified PickupDirectory instead of sending them as SMTP packets. See the [ Send Notifications ](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md)topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "UseSpecifiedPickupDirectory": true,       …     }   } }` | +| UseSpecifiedPickupDirectory default value: False | Boolean | True to write emails as local files in the specified PickupDirectory instead of sending them as SMTP packets. See the [Send Notifications](/docs/identitymanager/6.2/installation-guide/production-ready/email-server/index.md)topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "UseSpecifiedPickupDirectory": true,       …     }   } }` | ### NotificationSettings diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md index 3e3ac0a864..615e17ded7 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md @@ -9,8 +9,11 @@ sidebar_position: 10 This section describes the settings available in the agent's appsettings.json file, located in the agent's working directory or in environment variables. -**NOTE:** JSON files can contain any additional information that you might find useful. See the +:::note +JSON files can contain any additional information that you might find useful. See the example below. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -43,7 +46,7 @@ The appsettings set allows the following attributes and sections: | EncryptionCertificate (required) | EncryptionCertificate | Settings to configure the encryption of specific files. | | IdentityServer (required) | IdentityServer | Settings to configure the agent's encrypted network communication, for example with the server or a browser. | | Authentication (required) | Authentication | Settings to configure end-user authentication, for example for users to launch a job from the UI. | -| Serilog (optional) | Logger setting | Settings to configure the logging service, complying to the Logger properties and structure. See the [ Monitoring ](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. Example: `appsettings.json {   "Serilog": {     "WriteTo": [ "Console" ],     "MinimumLevel": {       "Default": "Error",       "Override": {         "Usercube": "Information"         }       }     } }                         ` | +| Serilog (optional) | Logger setting | Settings to configure the logging service, complying to the Logger properties and structure. See the [Monitoring](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. Example: `appsettings.json {   "Serilog": {     "WriteTo": ["Console"],     "MinimumLevel": {       "Default": "Error",       "Override": {         "Usercube": "Information"         }       }     } }                         ` | | Cors (optional) | Cors | Settings to configure the agent's [CORS policy](https://developer.mozilla.org/fr/docs/Web/HTTP/CORS), which is useful when using non-integrated agents. | | ApplicationInsights (optional) | ApplicationInsights | Settings to plug to and configure the [AppInsights](https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview) monitoring tool. | | TempFolderPath (optional) | String | Path to the temporary folder which contains: - ExportOutput: directory storing data exported from connectors. - JobLogs: directory storing task instance logs. - Reports: directory storing generated reports. - Packages: directory storing the downloaded package logos. - PolicySimulations: directory storing the files generated by policy simulations. - ProvisioningCache.txt: file storing the clustered provisioning cache. When enabled, this file can be used to coordinate the API cache among clusters. - CorrelationCache.txt - RiskCache.txt - ExpressionCache.txt - scheduler.lock - connector.txt - container.reset.txt: file acting as a reset command for Identity Manager's server, i.e. any change to this file triggers the reset service, thus reloading all the services instantiated by the server. Note that this path can be overridden by **ResetSettings** > **FilepathResetService**. - Mails: directory storing the email messages. Note that this path can be overridden by **ResetSettings** > **PickupDirectory**. - Deployment these elements can be removed, but make sure to restart the server after doing so. Example: `appsettings.json {   "TempFolderPath": "../Temp" }` | @@ -69,7 +72,7 @@ appsettings.json | Name | Type | Description | | --------------------------------- | ----- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| MaxTaskBatchSize default value: 5 | Int64 | Maximum number of tasks that can be launched simultaneously, thus avoiding timeout issues. When executing a job, Identity Manager launches simultaneously the tasks of a same Level. See the [ Job ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) topic for additional information. If the number of same-level tasks exceeds MaxTaskBatchSize, then Identity Manager inserts new levels. These effective levels can be seen in the job's logs or with the Usercube-Get-JobSteps executable. See the [ Usercube-Get-JobSteps ](/docs/identitymanager/6.2/integration-guide/executables/references/get-jobsteps/index.md) topic for additional information. | +| MaxTaskBatchSize default value: 5 | Int64 | Maximum number of tasks that can be launched simultaneously, thus avoiding timeout issues. When executing a job, Identity Manager launches simultaneously the tasks of a same Level. See the [Job](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) topic for additional information. If the number of same-level tasks exceeds MaxTaskBatchSize, then Identity Manager inserts new levels. These effective levels can be seen in the job's logs or with the Usercube-Get-JobSteps executable. See the [Usercube-Get-JobSteps](/docs/identitymanager/6.2/integration-guide/executables/references/get-jobsteps/index.md) topic for additional information. | ## Scheduler @@ -107,14 +110,17 @@ This information can be set one of two ways: identified by SubjectDistinguishedName or by Thumbprint. The Windows certificate also contains both the public key certificate and the private key. - **NOTE:** Netwrix recommends using Windows' certificate store. + :::note + Netwrix recommends using Windows' certificate store. + ::: + On the other hand, the PFX file takes priority over Windows' certificate, which means that when File is specified then the PFX certificate is used, even if the options for Windows' certificate are specified too. In both ways, missing and/or incorrect settings trigger an error and no certificate is loaded. -As a PFX file +**As a PFX file** For example: @@ -139,20 +145,23 @@ The archive is set using the following attributes: | File (required) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the host file system. | | Password (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. | -**NOTE:** Storing a .pfx file password in plain text in a production environment is strongly +:::note +Storing a .pfx file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. +::: + The archive is set using the following attributes: | Name | Type | Description | | ------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | File (required) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the host file system. | -| Password (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. storing a .pfx file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword.exe tool. See the[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. | +| Password (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. storing a .pfx file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword.exe tool. See the[Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. | -As a Certificate in the Windows Store +**As a Certificate in the Windows Store** For example: @@ -180,7 +189,7 @@ The Windows certificate is set using these attributes: | StoreLocation (required) | String | Location of the relevant Windows certificate store: LocalMachine or CurrentUser. | | StoreName (required) | String | Name of the relevant Windows certificate store. | -Using Azure Key Vault +**Using Azure Key Vault** If the certificate is saved in Azure Key Vault, we must define the certificate identifier and the Vault connection. See the [Azure Key Vault](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) topic for additional @@ -200,7 +209,7 @@ script in the command line. Just like the Encryption Certificate, this information can be set one of two ways. -As a PFX file +**As a PFX file** For example: @@ -223,13 +232,16 @@ The archive is set using the following attributes: | X509KeyFilePath (required) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the agent's host file system. | | X509KeyFilePassword (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. | -**NOTE:** Storing a .pfx file password in plain text in a production environment is strongly +:::note +Storing a .pfx file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. +::: -As a Certificate in the Windows Store + +**As a Certificate in the Windows Store** For example: @@ -254,8 +266,11 @@ The certificate is set using these attributes: | X509SubjectDistinguishedName (optional) | String | SubjectDistinguishedName of the certificate. It is required when X509Thumbprint is not defined. | | X509Thumbprint (optional) | String | Thumbprint of the certificate. It is required when X509SubjectDistinguishedName is not defined. | -**NOTE:** If you are using the certificate provided in the SDK, the agent will fail when launching. +:::note +If you are using the certificate provided in the SDK, the agent will fail when launching. You must create your own certificate. +::: + You can get the DistinguishedName of the certificate using OpenSSL: @@ -335,5 +350,8 @@ The application insights details are: | -------------------------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | InstrumentationKey default value: null | String | Key linked to the AppInsights instance to which the server's logs, requests, dependencies and performance are to be sent. See Microsoft's documentation to create an[ instrumentation key](https://docs.microsoft.com/en-us/azure/azure-monitor/app/create-new-resource). | -**NOTE:** The logs sent to AppInsights are configured through the Logger properties. See the -[ Monitoring ](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. +:::note +The logs sent to AppInsights are configured through the Logger properties. See the +[Monitoring](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. + +::: diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md index a02eb39577..3342f36639 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md @@ -25,7 +25,7 @@ Microsoft Entra ID (formerly Azure AD) Key Vault. See the [appsettings.agent](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic for additional information. Check the examples in connectors' credential protection sections. See the -[ ServiceNow ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) topic +[ServiceNow](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) topic for additional information. ## Write Settings to the Vault @@ -51,16 +51,14 @@ script in the command line.   "Connections": {     ...     "ADExport": { -      "Servers": [ -        { +      "Servers": [{           "Server": "",           "BaseDN": ""         },         {           "Server": "",           "BaseDN": "" -        } -      ], +        }],       "AuthType": "",       "Login": "",       "Password": "", @@ -78,7 +76,10 @@ To save the login to Azure Key Vault, create a secret whose name and value are r To save the second server, create a secret whose name and value are respectively `` and ``. -_Remember,_ the index of the first element is `0`. +:::tip +Remember, the index of the first element is `0`. +::: + This way, values from the Azure Key Vault take priority over the values from the appsettings files. diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md index e473380aab..61ce7ee000 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md @@ -134,10 +134,7 @@ defining at least the following properties: | Address | Server | | Password | Password | -Netwrix Identity Manager (formerly Usercube) recommends customizing the account's name because it will be used in [ - - Connection - ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) to retrieve this account from the vault. +Netwrix Identity Manager (formerly Usercube) recommends customizing the account's name because it will be used in [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) to retrieve this account from the vault. ``` @@ -243,7 +240,7 @@ The archive is set using the following attributes: | Name | Details | | ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | File required | **Type** String **Description** [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the host file system. | -| Password optional | **Type** String **Description** [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. **Info:** storing a `.pfx` file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the [ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) tool. | +| Password optional | **Type** String **Description** [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. **Info:** storing a `.pfx` file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the [Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) tool. | #### As a Certificate in the Windows Store @@ -298,14 +295,13 @@ In this file: > "AD_Export": { > "Login": "AdAccount", > "Password": "AdAccount", -> "Servers": [ -> { +> "Servers": [> { > "Server": "AdAccount" > }, > { > "Server": "AdServer2" > } -> ] +>] > } > } > } diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md index 0429484c7f..d53d692c24 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md @@ -17,12 +17,12 @@ The Agent configuration uses two sets of settings: the agent **appsettings** set 1. The [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) set is written either to the Agent's working directory appsettings.json file or as environment variables. See the - [ Architecture ](/docs/identitymanager/6.2/integration-guide/architecture/index.md) topic for additional information. + [Architecture](/docs/identitymanager/6.2/integration-guide/architecture/index.md) topic for additional information. 2. The [appsettings.agent](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) set is written as environment variables or to the appsettings.agent.json files from the Agent's working directory. 3. There are two additional files involved in the _Agent_'s configuration to protect sensitive data: appsettings.encrypted. agent. json and appsettings.cyberark.agent.json. See the - [ RSA Encryption ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) and + [RSA Encryption](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) and [CyberArk's AAM Credential Providers ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md index b75fb79675..c989444113 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md @@ -12,9 +12,9 @@ Identity Manager provides a few options to protect sensitive data via RSA encry Sensitive data can be RSA encrypted by using Identity Manager's tools: -- [ Usercube-Protect-X509JsonValue ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md) +- [Usercube-Protect-X509JsonValue](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md) to encrypt given values; -- [ Usercube-Protect-X509JsonFile ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md) +- [Usercube-Protect-X509JsonFile](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md) to encrypt a whole file. The file encryption tool should be used only on files that contain only plain text values, not @@ -36,7 +36,7 @@ The `appsettings.encrypted.json` and `appsettings.encrypted.agent.json` files co the `appsettings.json` and `appsettings.agent.json` files' sensitive setting values which are protected by RSA encryption. -These files follow the exact same structure as the [ Agent Configuration ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md). +These files follow the exact same structure as the [Agent Configuration](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md). ### Read the Encrypted Files diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/configure-okta/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/configure-okta/index.md index 1900152f08..987c7043fe 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/configure-okta/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/configure-okta/index.md @@ -33,8 +33,11 @@ application and add `/signin-oidc`. The Identity Manager disconnection redirecti necessary. To construct it, take Identity Manager's URL again and, at the end, add `/signout-callback-oidc`. -**NOTE:** The **Logout redirect URLs** section is marked as optional but it is mandatory for +:::note +The **Logout redirect URLs** section is marked as optional but it is mandatory for Identity Manager. +::: + ![Save Application](/img/product_docs/identitymanager/saas/integration-guide/network-configuration/how-tos/okta/okta_saveapplication.webp) diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/index.md index 5b61588adf..1c854fea81 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/index.md @@ -24,9 +24,9 @@ Configuration settings are detailed further in the following sections: - Server configuration, including connection to the database and end-user authentication. See the [Server Configuration](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/index.md) topic for additional information. - Agent configuration, including connection to the managed systems. See the - [ Agent Configuration ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md) topic for additional information. + [Agent Configuration](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md) topic for additional information. - Monitoring, indicating how to set up monitoring for Identity Manager. See the - [ Monitoring ](/docs/identitymanager/6.2/integration-guide/monitoring/index.md)topic for additional information. + [Monitoring](/docs/identitymanager/6.2/integration-guide/monitoring/index.md)topic for additional information. ## Write Settings @@ -77,7 +77,7 @@ Relevant files for the Agent can be found in its working directory: - `appsettings.cyberArk.agent.json` Each setting file is organized into several sections as shown in the Sets, Sections and values -diagram. See the [ Architecture ](/docs/identitymanager/6.2/integration-guide/architecture/index.md) topic for additional information. +diagram. See the [Architecture](/docs/identitymanager/6.2/integration-guide/architecture/index.md) topic for additional information. Each section's name matches a top level attribute of the file's `json` object. @@ -107,7 +107,7 @@ settings.example.json ``` In Integrated-agent mode, agent configuration is written to the Server's `appsettings.json` file. -See the [ Overview ](/docs/identitymanager/6.2/installation-guide/overview/index.md) topic for additional information. +See the [Overview](/docs/identitymanager/6.2/installation-guide/overview/index.md) topic for additional information. #### Reminder @@ -200,6 +200,6 @@ Configuration encompasses: - The Server configuration with a connection to the database and end-user authentication. See the [Server Configuration](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/index.md) topic for additional information. - The Agent configuration with a connection to the managed systems. See the - [ Agent Configuration ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md)topic for additional information. -- The Logger configuration. See the [ Monitoring ](/docs/identitymanager/6.2/integration-guide/monitoring/index.md)topic for additional + [Agent Configuration](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md)topic for additional information. +- The Logger configuration. See the [Monitoring](/docs/identitymanager/6.2/integration-guide/monitoring/index.md)topic for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md index deda273781..770c6dc1bd 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md @@ -16,7 +16,7 @@ methods and External methods. It is highly recommended that you use an External method. Internal methods are mostly used for debug, test and development purposes. -Internal methods +**Internal methods** The Internal methods use Identity Manager Server's internal authentication server. They rely on one of these Identity Server User Stores: @@ -24,7 +24,7 @@ of these Identity Server User Stores: - Test User Store, used in development environments. - Active Directory User Store, using an Active Directory to authenticate. -External methods +**External methods** External methods use external authentication providers. @@ -39,7 +39,7 @@ The types of authentication providers supported by Identity Manager are: - [SAML2](http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html) - [Integrated Windows Authentication (IWA)](https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/integrated-windows-authentication) -Using more than one provider +**Using more than one provider** For each authentication method, one or several authentication providers can be set up. If several authentication providers are set up, end-users will be prompted to choose their preferred method of @@ -78,7 +78,7 @@ The archive is set using the following attributes on the appsettings > IdentityS - X509KeyFilePassword (optional) is the [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. -Example +**Example** Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -103,7 +103,7 @@ appsettings > IdentityServer section: | X509StoreLocation required | Sets the Relevant Windows certificate store's location: `LocalMachine` or `CurrentUser`. | | X509StoreName required | Sets the relevant Windows certificate store's name. | -Example +**Example** Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -117,12 +117,15 @@ script in the command line. ``` -**NOTE:** Identity Manager Server won't start if the +:::note +Identity Manager Server won't start if the [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive set up during this step is identical to the one provided with the SDK. Users must provide their own certificate. Self-signed certificates are accepted as valid. See the[Install the Server](/docs/identitymanager/6.2/installation-guide/production-ready/server/index.md)topic for additional information. +::: + ## Configuration Section Description @@ -182,18 +185,21 @@ to enable Identity Manager's testers to identify which authentication method is in the code, with a mnemonic name. Any name can be used as long as all AuthenticationSchemes are different. -**NOTE:** This guide doesn't cover how to set up authorizations within Identity Manager. +:::note +This guide doesn't cover how to set up authorizations within Identity Manager. Authorization for an end-user to access Identity Manager resources relies on assigning roles to profiles. Identity credentials used for authentication must be linked to these profiles in the -applicative configuration. See the [ Various XML Settings ](/docs/identitymanager/6.2/integration-guide/network-configuration/settings/index.md)topic for +applicative configuration. See the [Various XML Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/settings/index.md)topic for additional information. +::: + Authentication-related settings are done through the following sections of the appsettings set: - IdentityServer - Authentication -See the[ Architecture ](/docs/identitymanager/6.2/integration-guide/architecture/index.md)topic for additional information. +See the[Architecture](/docs/identitymanager/6.2/integration-guide/architecture/index.md)topic for additional information. ### Identity Server @@ -250,8 +256,11 @@ retrieves identity credentials from the Windows session where the user is logged to the domain controller for authentication. The domain controller confirms the user's identity and validates it for Identity Manager. The end-user doesn't have to input any credentials. -**NOTE:** If Integrated Windows Authentication is used, internal methods have to be disabled with +:::note +If Integrated Windows Authentication is used, internal methods have to be disabled with the `"AllowLocalLogin":false` setting. +::: + ### Requirements @@ -299,11 +308,11 @@ Integrated Windows Authentication is configured using the following sections: One or several OpenID Connect authentication providers can be set up under the Authentication > OpenId section. -Multiple providers +**Multiple providers** One or several OpenID Connect authentication providers can be set up. -Registration process +**Registration process** Using an OpenID Connect authentication requires the Identity Manager Server to be registered to the provider. A ClientID and a ClientSecret are issued as a result of the registration process. They @@ -312,7 +321,7 @@ both allow Identity Manager to identify itself to the authentication provider. of how to register Identity Manager to an Microsoft Entra ID (formerly Microsoft Azure AD) used as OpenID Connect provider. -Callback URL +**Callback URL** The target OpenID Connect provider needs to be aware of the URI where to send the authentication token if the authentication succeeds. Depending on the provider, it is called a callback URL, a @@ -324,18 +333,18 @@ Identity Manager's callback URL for OpenID Connect is ` `` is the address of your Identity Manager Server such as `https://identitymanager.contoso.com`. -Authority +**Authority** An OpenID Connect provider is identified by its Authority, according to the [OpenID ](https://openid.net/connect/)Connect specifications. -NameClaimType +**NameClaimType** To authorize an end-user, Identity Manager Server retrieves a specific claim (a key-value pair, transmitted through the OIDC-issued JWT token) returned by the provider and looks for a resource that matches this claim's value. The comparison is carried out according to the resource and property set as the end-user's identity in the applicative configuration. See the -[ Select User by Identity Query Handler Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md) +[Select User by Identity Query Handler Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md) The name of the claim that is retrieved for this purpose defaults to `sub` which is one of the standard @@ -346,8 +355,11 @@ Claim names. For this reason, the name of the claim that is retrieved by Identity Manager for authorization purposes can be set up according to the provider's specifics. -**NOTE:** Users should be able to get a list of the claim names used by their authentication +:::note +Users should be able to get a list of the claim names used by their authentication providers from their providers' portal website, documentation or administrators. +::: + For example, the following claim provides no meaningful `sub` value. @@ -399,7 +411,7 @@ Under the new subsection, the following parameters are used to configure the aut | ClientId required | String | Is the Client ID issued during the registration of Identity Manager to the chosen OpenID Connect provider. | | ClientSecret required | String | Is the Client Secret issued during the registration of Identity Manager to the chosen OpenID Connect provider. | | Authority required | String | This URL identifies the OpenID Connect provider for Identity Manager according to the [OpenID Connect specifications](https://openid.net/connect/). It can be retrieved from the target OpenID Connect provider documentation. For example, [Microsoft's documentation ](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc)indicates the Microsoft Identity Platform OpenID Connect[ ](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc)authority. | -| NameClaimType optional | String | Sets the type of the claim that will be retrieved by Identity Manager to identify the end-user. The retrieved claim will be compared against the resource and property set as the end-user's identity in the applicative configuration. See the [ Select User by Identity Query Handler Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md)topic for additional information. | +| NameClaimType optional | String | Sets the type of the claim that will be retrieved by Identity Manager to identify the end-user. The retrieved claim will be compared against the resource and property set as the end-user's identity in the applicative configuration. See the [Select User by Identity Query Handler Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md)topic for additional information. | | Scopes optional | String | Sets the list of the requested [scopes](https://auth0.com/docs/scopes/openid-connect-scopes). By default, the requested scopes are: openid, profile and email. | | SaveTokens default value: false | Boolean | Only for Okta providers. Set to `true if authentication uses an Okta provider. See the [Configure Okta](/docs/identitymanager/6.2/integration-guide/network-configuration/configure-okta/index.md) topic for additional information. | | MetadataAddress optional | String | URL address of a copy of the metadata, used when the authority metadata cannot be accessed from the Identity Manager server, for example because of a firewall. | @@ -407,7 +419,7 @@ Under the new subsection, the following parameters are used to configure the aut | ResponseMode optional | String | Response mode for OpenIdConnect. - Query - FormPost - Fragment [See OpenId documentation](https://openid.net/specs/openid-connect-core-1_0.html). | | ResponseType optional | String | Response type for OpenIdConnect. - Code - CodeIdToken - CodeIdTokenToken - CodeToken - IdToken - IdTokenToken - None - Token See examples in the [OpenId documentation.](https://openid.net/specs/openid-connect-core-1_0.html#openid-documentation) | -Example +**Example** This example configures an OpenId Connect authority located at [https://login.microsoftonline.com/bbd35166-7c13-49f3-8041-9551f2847b69](https://login.microsoftonline.com/bbd35166-7c13-49f3-8041-9551f2847b69). @@ -450,11 +462,11 @@ script in the command line. One or several OAuth authentication providers can be set up under the authentication > OAuth section. -Multiple providers +**Multiple providers** One or several OAuth authentication providers can be set up. -Registration process +**Registration process** Using an OAuth authentication requires Identity Manager Server to be registered to the provider. A ClientID and a ClientSecret are issued as a result of the registration process. They both allow @@ -501,7 +513,7 @@ Each section is configured with the following settings: | SaveTokens default value: false | Boolean | Only for Okta providers. Set to `true if authentication uses an Okta provider. See the [Configure Okta](/docs/identitymanager/6.2/integration-guide/network-configuration/configure-okta/index.md)topic for additional information. | | Scope optional | String | Sets the list of the requested [scopes](https://auth0.com/docs/scopes/openid-connect-scopes). | -Example +**Example** The following example configures an OAuth-based authentication provider identified as OAuthContoso_Washington in the configuration file. @@ -548,11 +560,11 @@ One or several WS-Federation authentication providers can be set up under the au WsFederation subsection. Examples of WS-Federation providers include Active Directory Federation Services (ADFS) and Microsoft Entra ID (AAD). -Multiple providers +**Multiple providers** One or several WS-Federation authentication providers can be set up. -Registration process +**Registration process** Using a WS-Federation authentication requires Identity ManagerServer to be registered to the provider. A Wtrealm value is set up during the registration process. The value can be generated by @@ -566,7 +578,7 @@ itself to the authentication provider. Here are two examples of registration pro [Microsoft Entra ID](https://docs.microsoft.com/en-us/aspnet/core/security/authentication/ws-federation?view=aspnetcore-5.0#microsoft-entra-id) provider -Callback URL +**Callback URL** The target WS-Federation provider needs to be aware of the URI where to send the authentication token if the authentication succeeds. Depending on the provider, it is called a callback URL, a @@ -578,7 +590,7 @@ Identity Manager's callback URL for WS-Federation is ``/signin-wsfed where `` is the address of your Identity Manager Server such as https://identitymanager.contoso.com. -Encryption algorithm +**Encryption algorithm** The nature of the encryption algorithm used for exchanging the sign-in key with the provider is automatically negotiated between Identity Manager Server and the authentication server. The most @@ -605,7 +617,7 @@ Each section is configured with the following settings: | DisplayName optional | Is the provider display name. Chosen by the user, it is used in the UI to identify the authentication method. | | AuthenticationScheme required | Is the unique identifier of this authentication method within Identity Manager. Any string value can be used, unique among all authentication methods. | -Example +**Example** This example configures a WS-Federation-based authentication provider identified as WsFederationContoso_LA in the configuration file. @@ -643,11 +655,11 @@ section. Identity Manager does not provide a signature for SAML2 authentication. -Multiple providers +**Multiple providers** One or several **SAML2** authentication providers can be set up. -Registration process +**Registration process** Using a **SAML2** authentication requires Identity Manager Server to be registered to the provider. An **Entity ID URI** value is set up for Identity Manager during the registration process. It is @@ -655,7 +667,7 @@ used as the prefix for scopes and as the value of the audience claim in access t be generated by the provider, or set manually as a URL-shaped string value. This allows Identity Manager to identify itself to the authentication provider. -Reply URL +**Reply URL** The target **SAML2** provider needs to be aware of the URI where to send the authentication token if the authentication succeeds. This URI is called **Reply URL** or **Assertion Consumer Service (ACS) @@ -669,7 +681,7 @@ https://identitymanager.contoso.com. Make sure to enter this exact URL which is treated case sensitively. -Configuration +**Configuration** First, the SAML2 method must be enabled under the authentication > SAML2 section. @@ -736,7 +748,10 @@ This information can be set one of two ways: identified by SubjectDistinguishedName or by Thumbprint. The Windows certificate also contains both the public key certificate and the private key. -_Remember,_ Netwrix recommends using Windows' certificate store. +:::tip +Remember, Netwrix recommends using Windows' certificate store. +::: + On the other hand, the PFX file takes priority over Windows' certificate, which means that when `File` is specified then the PFX certificate is used, even if the options for Windows' certificate @@ -744,9 +759,12 @@ are specified too. In both ways, missing and/or incorrect settings trigger an error and no certificate is loaded. -_Remember,_ the AzureKeyVault section is mandatory when using CertificateAzureKeyVault. Identity +:::tip +Remember, the AzureKeyVault section is mandatory when using CertificateAzureKeyVault. Identity Manager server loads the encryption certificate from Azure Key Vault only if the AzureKeyVault and EncryptionCertificate are defined at the same level in the configuration file. +::: + #### As a PFX file @@ -774,7 +792,7 @@ The archive is set using the following attributes: Storing a `.pfx` file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Identity Manager-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. The archive is set using the following attributes: @@ -817,9 +835,12 @@ If the certificate is saved in Azure Key Vault, we must define the certificate i Vault connection. See the [Azure Key Vault](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) topic for additional information. -_Remember,_ the AzureKeyVault section is mandatory when using CertificateAzureKeyVault. Identity +:::tip +Remember, the AzureKeyVault section is mandatory when using CertificateAzureKeyVault. Identity Manager server loads the encryption certificate from Azure Key Vault only if the AzureKeyVault and EncryptionCertificate are defined at the same level in the configuration file. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -849,7 +870,7 @@ script in the command line. When Internal Methods is enabled, the end-user is prompted via a form to input a login and a password. The login to be used is defined within the applicative configuration's Select User By -Identity Query Handler Setting element. See the [ Various XML Settings ](/docs/identitymanager/6.2/integration-guide/network-configuration/settings/index.md) +Identity Query Handler Setting element. See the [Various XML Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/settings/index.md) topic for additional information. First, the AllowLocalLogin parameter needs to be set to true in the Authentication section. @@ -990,7 +1011,10 @@ method. A Test User Store can be set up under the authentication > TestUserStore section. It allows all users to authenticate with their login and the same password. -_Remember,_ this should never be used in a production environment. +:::tip +Remember, this should never be used in a production environment. +::: + The following parameters are available under the authentication > TestUserStore section: @@ -999,7 +1023,7 @@ The following parameters are available under the authentication > TestUserStore | Enabled required | Boolean | Enables or disables the OpenId Connection. | | Password required | String | Is the password for all users to authenticate Identity Manager. | -Example +**Example** Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md index 800b912ef2..d4ec346443 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md @@ -33,7 +33,7 @@ The appsettings set allows the following attributes and sections: | ApplicationUri required | String | URI of the server to use in log messages, to communicate with the server in tasks, to allow certain redirect URIs. It must be the same as the agent's appsettings.json's ApplicationUri. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …       “ApplicationUri”: “usercubeserver.contoso.com:5000” }` | | EncryptionCertificate required | EncryptionCertificate | Settings to configure the encryption of specific files. | | License | String | License key of the server. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …       “License”: “{"LicensedTo":"","ValidTo":"<20120905>","IdentityQuota":"<10000>","Signature":"<…>"}" }` | -| Agents optional | Agent List | List of agents' settings used to work on several environments. See the [ Architecture ](/docs/identitymanager/6.2/integration-guide/architecture/index.md) topic for additional information. This way, each Agent's URI/URL is configured without altering the database. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …       “Agents”: {             “Local”: {                   “Uri”: “”             },             …       } }` | +| Agents optional | Agent List | List of agents' settings used to work on several environments. See the [Architecture](/docs/identitymanager/6.2/integration-guide/architecture/index.md) topic for additional information. This way, each Agent's URI/URL is configured without altering the database. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …       “Agents”: {             “Local”: {                   “Uri”: “”             },             …       } }` | | AppDisplay optional | AppDisplay | Settings to override the application display XML configuration. See the [App Display Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/appdisplaysetting/index.md) topic for additional information. It is useful to change the application's theme and name without redeploying the whole configuration. | | ApplicationInsights optional | ApplicationInsights | Settings to plug to and configure the [App Insights](https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview) monitoring tool. | | DataProtection optional | DataProtection | Settings to configure the encryption used for the authentication cookies and the anti-forgery tokens. The data protection can be configured to share the keys between several instances of Identity Manager's server, for example when deployed in a cluster where the servers do not have the same machine id. | @@ -43,10 +43,10 @@ The appsettings set allows the following attributes and sections: | MailSettings optional | String | Settings to configure the email service. | | MaxActors default value: 20 maximum value: 50 | UInt | The maximum number of recipients who will be notified of the Workflow changes and can take action. If the number of recipients is exceeding the MaxRecipients value, then the actors will have the task assigned to them but they will not receive an email notification. In order for all actors to receive an email notification the MaxRecipients should be increased as well. | | MaxPageSize optionalAttribute | UInt | It represents the maximum number of items returned when using squeries. | -| NotUseAgent default value: false | Boolean | True to disable the use of the agent. See the[ Architecture ](/docs/identitymanager/6.2/integration-guide/architecture/index.md) topic for additional information. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "":  true }` | -| OpenIdClients optional | OpenIdClient List | List of hashed secrets used to override the plain-text secrets from the OpenIdClient XML configuration. See the [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. This way, Identity Manager stores only hashed secrets, for security purposes. Each environment must have its own secret, distinct from the others. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "OpenIdClients": {             "Job": {                   "": ""             },             "PowerBI": {                   "": "<7b8N2NWka5alDrjM7rFqf7+xqq9LIcT5jSoQ+1Ci2V0>"             }       } }` | +| NotUseAgent default value: false | Boolean | True to disable the use of the agent. See the[Architecture](/docs/identitymanager/6.2/integration-guide/architecture/index.md) topic for additional information. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "":  true }` | +| OpenIdClients optional | OpenIdClient List | List of hashed secrets used to override the plain-text secrets from the OpenIdClient XML configuration. See the [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. This way, Identity Manager stores only hashed secrets, for security purposes. Each environment must have its own secret, distinct from the others. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "OpenIdClients": {             "Job": {                   "": ""             },             "PowerBI": {                   "": "<7b8N2NWka5alDrjM7rFqf7+xqq9LIcT5jSoQ+1Ci2V0>"             }       } }` | | PowerBISettings optional | PowerBISettings | Settings to configure the API used by Power BI to access Identity Manager data. | -| Serilog optional | Serilog | Settings to configure the logging service, complying to the Logger properties and structure. See the [ Monitoring ](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "Serilog": {             "WriteTo": [ "Console" ],             "MinimumLevel": {                   "Default": "Error",                   "Override": {                         "Usercube": "Information"                   }             }       } }` | +| Serilog optional | Serilog | Settings to configure the logging service, complying to the Logger properties and structure. See the [Monitoring](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "Serilog": {             "WriteTo": ["Console"],             "MinimumLevel": {                   "Default": "Error",                   "Override": {                         "Usercube": "Information"                   }             }       } }` | | Swagger optional | Swagger | By enabling [Swagger ](https://swagger.io/tools/swagger-ui/)you can visualize and interact with the API's resources without having any of the implementation logic in place. It is automatically generated from Identity Manager's API, with the visual documentation making it easy for back-end implementation and client-side consumption. | | TempFolderPath default value: ../Temp | String | Path to the temporary folder which contains: - ExportOutput: directory storing data exported from connectors. - JobLogs: directory storing task instance logs. - Reports: directory storing generated reports. - Packages: directory storing the downloaded package logos. - PolicySimulations: directory storing the files generated by policy simulations. - ProvisioningCache.txt: file storing the clustered provisioning cache. When enabled, this file can be used to coordinate the API cache among clusters. - CorrelationCache.txt - RiskCache.txt - ExpressionCache.txt - scheduler.lock - connector.txt - container.reset.txt: file acting as a reset command for Identity Manager's server, i.e. any change to this file triggers the reset service, thus reloading all the services instantiated by the server. This path can be overridden by **ResetSettings** > **FilepathResetService**. - Mails: directory storing the email messages. This path can be overridden by **ResetSettings** > **PickupDirectory**. - Deployment These elements can be removed, but make sure to restart the server after doing so. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "" }` | | WorkFolderPath default value: ../Work | String | Path of the work folder which contains: - Collect: directory storing the CSV source files exported by connectors. - ProvisioningOrders: directory storing the orders generated by the server. - FulfillPowerShell: PowerShell provisioner's working directory. - FulfillRobotFramework: Robot Framework's provisioner working directory. - ExportCookies: directory storing the cookies used for incremental export. - Synchronization: directory storing the agent's data collection results. - Upload: directory storing the uploaded media like uploaded pictures, before they are inserted into the database. - appsettings.connection.json These elements must not be removed, because doing so may disrupt Identity Manager's execution after restarting. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "" }` | @@ -79,7 +79,7 @@ This information can be set one of two ways: certificate will be loaded first. The thumprint is unique among the certificates so it can help with for the certificate identification. -As a PFX file +**As a PFX file** For example: @@ -106,7 +106,7 @@ The archive is set using the following attributes: Storing a .pfx file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. The archive is set using the following attributes: @@ -114,9 +114,9 @@ The archive is set using the following attributes: | Name | Type | Description | | ----------------- | ------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | File required | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the host file system. | -| Password optional | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. Storing a .pfx file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword.exe tool. See the [ Usercube-Protect-CertificatePassword ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. | +| Password optional | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. Storing a .pfx file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword.exe tool. See the [Usercube-Protect-CertificatePassword](/docs/identitymanager/6.2/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. | -As a Certificate in the Windows Store +**As a Certificate in the Windows Store** For example: @@ -143,7 +143,7 @@ The Windows certificate is set using these attributes: | StoreLocation required | String | Location of the relevant Windows certificate store: LocalMachine or CurrentUser. | | StoreName required | String | Name of the relevant Windows certificate store. | -Using Azure Key Vault +**Using Azure Key Vault** If the certificate is saved in Azure Key Vault, we must define the certificate identifier and the Vault connection. See the [Azure Key Vault](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) @@ -158,7 +158,7 @@ script in the command line. }     ``` -Disabling file encryption +**Disabling file encryption** The encryption of specific files can be disabled via the following attribute: @@ -232,8 +232,11 @@ The application insights details are: | -------------------------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | InstrumentationKey default value: null | String | Key linked to the AppInsights instance to which the server's logs, requests, dependencies and performance are to be sent. See the Microsoft [Create an Application Insights resource](https://docs.microsoft.com/en-us/azure/azure-monitor/app/create-new-resource) article for information on creating an instrumentation key. | -**NOTE:** The logs sent to AppInsights are configured through the Logger properties. See the -[ Monitoring ](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. +:::note +The logs sent to AppInsights are configured through the Logger properties. See the +[Monitoring](/docs/identitymanager/6.2/integration-guide/monitoring/index.md) topic for additional information. +::: + ## PowerBI Settings diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/index.md index 3ee78111e7..d7d4384210 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/index.md @@ -14,7 +14,7 @@ database connection and some general-purpose settings. The Server configuration is included in the Server's appsettings set. The appsettings set content can be written to appsettings.json in the Server's working directory or -to environment variables. See the [ Architecture ](/docs/identitymanager/6.2/integration-guide/architecture/index.md) topic for additional +to environment variables. See the [Architecture](/docs/identitymanager/6.2/integration-guide/architecture/index.md) topic for additional information. The server appsettings supported attributes and sections are described in the following sections: @@ -23,7 +23,7 @@ The server appsettings supported attributes and sections are described in the fo - End-User Authentication - General-Purpose Settings -See the[ Connection to the Database ](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/database-connection/index.md), +See the[Connection to the Database](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/database-connection/index.md), [ End-User Authentication](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md) and [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topics for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/rsa-encryption/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/rsa-encryption/index.md index 465245ecd7..4a31a2a321 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/rsa-encryption/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/rsa-encryption/index.md @@ -12,9 +12,9 @@ Identity Manager provides a few options to protect sensitive data via RSA encry Sensitive data can be RSA encrypted by using Netwrix Identity Manager (formerly Usercube)'s tools: -- [ Usercube-Protect-X509JsonValue ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md) +- [Usercube-Protect-X509JsonValue](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonvalue/index.md) to encrypt given values; -- [ Usercube-Protect-X509JsonFile ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md) +- [Usercube-Protect-X509JsonFile](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md) to encrypt a whole file. The file encryption tool should be used only on files that contain only plain text values, not diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/settings/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/settings/index.md index 4f299453db..9b8d0edf29 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/settings/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/settings/index.md @@ -7,7 +7,7 @@ sidebar_position: 60 # Various XML Settings This section describes Identity Manager's -[ Settings ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/index.md) available in the +[Settings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/index.md) available in the applicative configuration. Those are mandatory. ## ConfigurationVersion @@ -16,7 +16,7 @@ This setting is used to track the current configuration version. ``` - +**** ``` @@ -30,7 +30,7 @@ This setting is used to customize the application display. ``` - +**** ``` @@ -103,7 +103,7 @@ The max number of links to display is 5. ``` - +**** ``` @@ -123,7 +123,7 @@ The max number of links to display is 5. _This attribute matches an end-user with a resource from the unified resource repository._ Authorization mechanisms within Identity Manager rely on assigning -[ Profiles ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) +[Profiles](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) to an identity-resource that stands for the end-user digital identity. To that end, and end-user authentication credentials are linked to such an identity-resource using @@ -188,7 +188,7 @@ This setting is used to filter the entity type used by authentication mechanism. ``` - +**** ``` @@ -204,7 +204,7 @@ This setting enables task delegation to a group of people. ``` - +**** ``` @@ -234,7 +234,7 @@ using the following setting: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/technical-files/appsettings.connection/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/technical-files/appsettings.connection/index.md index a3e25d10c0..a5ce5638db 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/technical-files/appsettings.connection/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/technical-files/appsettings.connection/index.md @@ -9,7 +9,7 @@ sidebar_position: 10 ## Define configuration through UI On some configuration screens, such as the connector screen, it is possible to define some of the -[ Agent Configuration ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md). This configuration is stored in the +[Agent Configuration](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md). This configuration is stored in the **appsettings.connection.json** file, located inside the [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) work folder. @@ -17,6 +17,6 @@ The **appsettings.connection.json** file has the exact same structure as the oth [appsettings.agent](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) file. This configuration file has the highest priority among others agent's configuration sources . See -the [ Agent Configuration ](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md) topic for additional information. +the [Agent Configuration](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/index.md) topic for additional information. You should not modify this file manually. diff --git a/docs/identitymanager/6.2/integration-guide/network-configuration/technical-files/index.md b/docs/identitymanager/6.2/integration-guide/network-configuration/technical-files/index.md index f6bb8edfec..56e683d629 100644 --- a/docs/identitymanager/6.2/integration-guide/network-configuration/technical-files/index.md +++ b/docs/identitymanager/6.2/integration-guide/network-configuration/technical-files/index.md @@ -9,4 +9,4 @@ sidebar_position: 40 This section gathers information relative to the technical files that Identity Manager could use or generate in its lifecycle. -- [ appsettings.connection ](/docs/identitymanager/6.2/integration-guide/network-configuration/technical-files/appsettings.connection/index.md) +- [appsettings.connection](/docs/identitymanager/6.2/integration-guide/network-configuration/technical-files/appsettings.connection/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/notifications/custom/index.md b/docs/identitymanager/6.2/integration-guide/notifications/custom/index.md index 65beb69d49..477566168b 100644 --- a/docs/identitymanager/6.2/integration-guide/notifications/custom/index.md +++ b/docs/identitymanager/6.2/integration-guide/notifications/custom/index.md @@ -19,17 +19,17 @@ given activity in [Workflows](/docs/identitymanager/6.2/integration-guide/workfl > for a workflow to continue. The configuration is made through the XML tag -[ Notification Aspect ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/notificationaspect/index.md). +[Notification Aspect](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/notificationaspect/index.md). ## Periodic Notifications A notification can be configured to be sent to a given user on a regular basis at specified times, through the -[ Send Notifications Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) +[Send Notifications Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) as part of a job. > For example, a notification can be sent automatically to remind a manager that someone arrives in > their team a month before the arrival, and again a week before. The configuration is made through the XML tag -[ Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notification/index.md). +[Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notification/index.md). diff --git a/docs/identitymanager/6.2/integration-guide/notifications/index.md b/docs/identitymanager/6.2/integration-guide/notifications/index.md index af15ccdae7..3a34cb204e 100644 --- a/docs/identitymanager/6.2/integration-guide/notifications/index.md +++ b/docs/identitymanager/6.2/integration-guide/notifications/index.md @@ -9,8 +9,8 @@ sidebar_position: 130 Identity Manager is able to send notification emails when an action is expected, or a job ends with an error. -Identity Manager provides [ Native Notifications ](/docs/identitymanager/6.2/integration-guide/notifications/native/index.md) for usual cases, for example +Identity Manager provides [Native Notifications](/docs/identitymanager/6.2/integration-guide/notifications/native/index.md) for usual cases, for example provisioning review, resource reconciliation, and role reconciliation. -[ Custom Notifications ](/docs/identitymanager/6.2/integration-guide/notifications/custom/index.md) can be configured for specific needs, to be triggered by a +[Custom Notifications](/docs/identitymanager/6.2/integration-guide/notifications/custom/index.md) can be configured for specific needs, to be triggered by a workflow, or periodically via a task. diff --git a/docs/identitymanager/6.2/integration-guide/notifications/native/customize-native-notification/index.md b/docs/identitymanager/6.2/integration-guide/notifications/native/customize-native-notification/index.md index 99e678d0da..f6a013731e 100644 --- a/docs/identitymanager/6.2/integration-guide/notifications/native/customize-native-notification/index.md +++ b/docs/identitymanager/6.2/integration-guide/notifications/native/customize-native-notification/index.md @@ -11,7 +11,7 @@ This guide shows how to set a template other than the default one for native not ## Overview Identity Manager natively sends notifications for usual cases. See the -[ Native Notifications ](/docs/identitymanager/6.2/integration-guide/notifications/native/index.md) topic for additional information. +[Native Notifications](/docs/identitymanager/6.2/integration-guide/notifications/native/index.md) topic for additional information. These native notifications are based on cshtml templates available inside the `Runtime` folder. If the provided templates do not meet your exact needs, then they can be replaced by personalized diff --git a/docs/identitymanager/6.2/integration-guide/notifications/native/errored-jobs/index.md b/docs/identitymanager/6.2/integration-guide/notifications/native/errored-jobs/index.md index 1219c97d30..1373ee04f2 100644 --- a/docs/identitymanager/6.2/integration-guide/notifications/native/errored-jobs/index.md +++ b/docs/identitymanager/6.2/integration-guide/notifications/native/errored-jobs/index.md @@ -9,6 +9,6 @@ sidebar_position: 60 Identity Manager is able to send notification emails when a job ends with an error. The notification email is sent to the user who has the necessary rights and the permission. -See the [ Native Notifications ](/docs/identitymanager/6.2/integration-guide/notifications/native/index.md) and -[ Profiles & Permissions ](/docs/identitymanager/6.2/integration-guide/profiles-permissions/index.md) topics for additional +See the [Native Notifications](/docs/identitymanager/6.2/integration-guide/notifications/native/index.md) and +[Profiles & Permissions](/docs/identitymanager/6.2/integration-guide/profiles-permissions/index.md) topics for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/notifications/native/index.md b/docs/identitymanager/6.2/integration-guide/notifications/native/index.md index dc1ba03251..cc1fb76088 100644 --- a/docs/identitymanager/6.2/integration-guide/notifications/native/index.md +++ b/docs/identitymanager/6.2/integration-guide/notifications/native/index.md @@ -15,7 +15,7 @@ Identity Manager natively sends notifications for: - Password reset to the users whose passwords are reset; - Access certification to the users selected as reviewers; -- [ Manual Provisioning ](/docs/identitymanager/6.2/integration-guide/notifications/native/manual-provisioning/index.md), provisioning review and role review to the +- [Manual Provisioning](/docs/identitymanager/6.2/integration-guide/notifications/native/manual-provisioning/index.md), provisioning review and role review to the users who own a profile with the permissions to perform the corresponding actions; - Jobs that finished in state completed/errored/aborted/blocked/warning to the users who own a profile with the corresponding permissions. @@ -43,5 +43,5 @@ found in `/Runtime/NotificationTemplates`. The templates for native notifications can be adjusted to specific needs through the XML tag [Notification Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md). -See the [ Customize a Native Notification ](/docs/identitymanager/6.2/integration-guide/notifications/native/customize-native-notification/index.md) for +See the [Customize a Native Notification](/docs/identitymanager/6.2/integration-guide/notifications/native/customize-native-notification/index.md) for additional information on how to customize native notifications. diff --git a/docs/identitymanager/6.2/integration-guide/notifications/native/manual-provisioning/index.md b/docs/identitymanager/6.2/integration-guide/notifications/native/manual-provisioning/index.md index e246a4ac17..dc52af11f2 100644 --- a/docs/identitymanager/6.2/integration-guide/notifications/native/manual-provisioning/index.md +++ b/docs/identitymanager/6.2/integration-guide/notifications/native/manual-provisioning/index.md @@ -13,7 +13,7 @@ Identity Manager natively sends notifications concerning manual provisioning. ### Notification Trigger The notifications are sent after a `FulfillTask` with a connection based on the -[ Manual Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket/index.md) package. +[Manual Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket/index.md) package. ### Notification Recipients diff --git a/docs/identitymanager/6.2/integration-guide/notifications/set-language/index.md b/docs/identitymanager/6.2/integration-guide/notifications/set-language/index.md index b48104a4c7..cccfc3fdfe 100644 --- a/docs/identitymanager/6.2/integration-guide/notifications/set-language/index.md +++ b/docs/identitymanager/6.2/integration-guide/notifications/set-language/index.md @@ -21,7 +21,7 @@ defined, then notifications use the first language. Set the first language for the whole application by proceeding as follows: 1. In the XML configuration, create a `Language` with `IndicatorNumber` set to `1`. See the - [ Language ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/language/index.md) topic for additional + [Language](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/language/index.md) topic for additional information. > For example, to set English as the first language: @@ -39,7 +39,7 @@ Set the first language for the whole application by proceeding as follows: Set the language explicitly for server-side-task notifications by proceeding as follows: 1. In the XML configuration, configure `MailSetting` with a `LanguageCode`See the - [ Mail Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md) topic + [Mail Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md) topic for additional information. > For example, to set the language to English: diff --git a/docs/identitymanager/6.2/integration-guide/profiles-permissions/create-assign-profiles/index.md b/docs/identitymanager/6.2/integration-guide/profiles-permissions/create-assign-profiles/index.md index 51957c0890..10ce57c7ab 100644 --- a/docs/identitymanager/6.2/integration-guide/profiles-permissions/create-assign-profiles/index.md +++ b/docs/identitymanager/6.2/integration-guide/profiles-permissions/create-assign-profiles/index.md @@ -12,7 +12,7 @@ these profiles automatically. ## Create a Profile Here is the xml configuration to create a profile in Identity Manager. See the -[ Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) topic for additional +[Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -42,7 +42,7 @@ script in the command line. The Identity Manager-Set-InternalUserProfiles task is mandatory to automatically assign the profile. The task can be selected from the Job provisioning list. See the -[ Set Internal User Profiles Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +[Set Internal User Profiles Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the diff --git a/docs/identitymanager/6.2/integration-guide/profiles-permissions/permissions/index.md b/docs/identitymanager/6.2/integration-guide/profiles-permissions/permissions/index.md index 885ba6676f..15f2acbc42 100644 --- a/docs/identitymanager/6.2/integration-guide/profiles-permissions/permissions/index.md +++ b/docs/identitymanager/6.2/integration-guide/profiles-permissions/permissions/index.md @@ -74,7 +74,7 @@ Here is a list of permissions required for different user profiles: - /AccessControl/AccessControlRule/Delete - Permission to delete objects of type AccessControlRule +**Permission to delete objects of type AccessControlRule** - /AccessControl/AccessControlRule/Query @@ -198,11 +198,11 @@ Here is a list of permissions required for different user profiles: - /Connectors/EntityAssociationMapping/Create - Permission to create objects of type EntityAssociationMapping +**Permission to create objects of type EntityAssociationMapping** - /Connectors/EntityAssociationMapping/Delete - Permission to delete objects of type EntityAssociationMapping +**Permission to delete objects of type EntityAssociationMapping** - /Connectors/EntityAssociationMapping/Query - Permission to query and read objects of type EntityAssociationMapping. @@ -224,15 +224,15 @@ Here is a list of permissions required for different user profiles: - /Connectors/EntityPropertyMapping/Update - Permission to update objects of type EntityPropertyMapping +**Permission to update objects of type EntityPropertyMapping** - /Connectors/EntityTypeMapping/Create - Permission to create objects of type EntityTypeMapping +**Permission to create objects of type EntityTypeMapping** - /Connectors/EntityTypeMapping/Delete - Permission to delete objects of type EntityTypeMapping +**Permission to delete objects of type EntityTypeMapping** - /Connectors/EntityTypeMapping/Query @@ -240,7 +240,7 @@ Here is a list of permissions required for different user profiles: - /Connectors/EntityTypeMapping/Update - Permission to update objects of type EntityTypeMapping +**Permission to update objects of type EntityTypeMapping** - /Connectors/EntityTypeMappingByConnectorIdQuery/Query @@ -330,8 +330,11 @@ Here is a list of permissions required for different user profiles: - The permission's recipient will receive a notification email. - **NOTE:** In order to receive the notifications, a profile must have the full permission path. + :::note + In order to receive the notifications, a profile must have the full permission path. Having a (great-)parent permission will not enable notifications for all child entities. + ::: + For example, the permission /ProvisioningPolicy/PerformManualProvisioning/Directory_User allows a profile to perform manual provisioning with Directory_User as the source entity type, and @@ -350,8 +353,11 @@ Here is a list of permissions required for different user profiles: The permission's recipient will receive a notification email. - **NOTE:** In order to receive the notifications, a profile must have the full permission path. + :::note + In order to receive the notifications, a profile must have the full permission path. Having a (great-)parent permission will not enable notifications for all child entities. + ::: + For example, the permission /ProvisioningPolicy/PerformManualProvisioning/Directory_User allows a profile to perform manual provisioning with Directory_User as the source entity type, and @@ -494,7 +500,7 @@ Here is a list of permissions required for different user profiles: - /Jobs/JobStep/Delete - Permission to delete objects of type JobStep +**Permission to delete objects of type JobStep** - /Jobs/JobStep/Query @@ -562,7 +568,7 @@ Here is a list of permissions required for different user profiles: - /Jobs/Task/Update - Permission to update objects of type Task +**Permission to update objects of type Task** - /Jobs/TaskDependOnTask/Create @@ -610,7 +616,7 @@ Here is a list of permissions required for different user profiles: - /Jobs/TaskEntityType/Update - Permission to update objects of type TaskEntityType +**Permission to update objects of type TaskEntityType** - /Jobs/TaskIdByIdentifiersQuery/Query @@ -738,11 +744,11 @@ Here is a list of permissions required for different user profiles: - /Metadata/Setting/Create - Permission to create objects of type Setting +**Permission to create objects of type Setting** - /Metadata/Setting/Delete - Permission to delete objects of type Setting +**Permission to delete objects of type Setting** - /Metadata/Setting/Query @@ -750,7 +756,7 @@ Here is a list of permissions required for different user profiles: - /Metadata/Setting/Update - Permission to update objects of type Setting +**Permission to update objects of type Setting** - /Monitoring @@ -758,15 +764,15 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedCompositeRole/Comment - Permission to comment objects of type AssignedCompositeRole +**Permission to comment objects of type AssignedCompositeRole** - /ProvisioningPolicy/AssignedCompositeRole/Create - Permission to create objects of type AssignedCompositeRole +**Permission to create objects of type AssignedCompositeRole** - /ProvisioningPolicy/AssignedCompositeRole/Delete - Permission to delete objects of type AssignedCompositeRole +**Permission to delete objects of type AssignedCompositeRole** - /ProvisioningPolicy/AssignedCompositeRole/Query @@ -774,15 +780,15 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedCompositeRole/Update - Permission to update objects of type AssignedCompositeRole +**Permission to update objects of type AssignedCompositeRole** - /ProvisioningPolicy/AssignedResourceBinary/Create - Permission to create objects of type AssignedResourceBinary +**Permission to create objects of type AssignedResourceBinary** - /ProvisioningPolicy/AssignedResourceBinary/Delete - Permission to delete objects of type AssignedResourceBinary +**Permission to delete objects of type AssignedResourceBinary** - /ProvisioningPolicy/AssignedResourceBinary/Query @@ -790,15 +796,15 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedResourceBinary/Update - Permission to update objects of type AssignedResourceBinary +**Permission to update objects of type AssignedResourceBinary** - /ProvisioningPolicy/AssignedResourceNavigation/Create - Permission to create objects of type AssignedResourceNavigation +**Permission to create objects of type AssignedResourceNavigation** - /ProvisioningPolicy/AssignedResourceNavigation/Delete - Permission to delete objects of type AssignedResourceNavigation +**Permission to delete objects of type AssignedResourceNavigation** - /ProvisioningPolicy/AssignedResourceNavigation/Query @@ -806,15 +812,15 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedResourceNavigation/Update - Permission to update objects of type AssignedResourceNavigation +**Permission to update objects of type AssignedResourceNavigation** - /ProvisioningPolicy/AssignedResourceScalar/Create - Permission to create objects of type AssignedResourceScalar +**Permission to create objects of type AssignedResourceScalar** - /ProvisioningPolicy/AssignedResourceScalar/Delete - Permission to delete objects of type AssignedResourceScalar +**Permission to delete objects of type AssignedResourceScalar** - /ProvisioningPolicy/AssignedResourceScalar/Query @@ -822,19 +828,19 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedResourceScalar/Update - Permission to update objects of type AssignedResourceScalar +**Permission to update objects of type AssignedResourceScalar** - /ProvisioningPolicy/AssignedResourceType/Comment - Permission to comment objects of type AssignedResourceType +**Permission to comment objects of type AssignedResourceType** - /ProvisioningPolicy/AssignedResourceType/Create - Permission to create objects of type AssignedResourceType +**Permission to create objects of type AssignedResourceType** - /ProvisioningPolicy/AssignedResourceType/Delete - Permission to delete objects of type AssignedResourceType +**Permission to delete objects of type AssignedResourceType** - /ProvisioningPolicy/AssignedResourceType/ManualProvisioningReview @@ -846,19 +852,19 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedResourceType/Update - Permission to update objects of type AssignedResourceType +**Permission to update objects of type AssignedResourceType** - /ProvisioningPolicy/AssignedSingleRole/Comment - Permission to comment objects of type AssignedSingleRole +**Permission to comment objects of type AssignedSingleRole** - /ProvisioningPolicy/AssignedSingleRole/Create - Permission to create objects of type AssignedSingleRole +**Permission to create objects of type AssignedSingleRole** - /ProvisioningPolicy/AssignedSingleRole/Delete - Permission to delete objects of type AssignedSingleRole +**Permission to delete objects of type AssignedSingleRole** - /ProvisioningPolicy/AssignedSingleRole/Query @@ -866,11 +872,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedSingleRole/Update - Permission to update objects of type AssignedSingleRole +**Permission to update objects of type AssignedSingleRole** - /ProvisioningPolicy/AutomationRule/Create - Permission to create objects of type AutomationRule +**Permission to create objects of type AutomationRule** - /ProvisioningPolicy/AutomationRule/CreateSimulation @@ -878,7 +884,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AutomationRule/Delete - Permission to delete objects of type AutomationRule +**Permission to delete objects of type AutomationRule** - /ProvisioningPolicy/AutomationRule/DeleteSimulation @@ -898,7 +904,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AutomationRule/Updat - Permission to update objects of type AutomationRule +**Permission to update objects of type AutomationRule** - /ProvisioningPolicy/AutomationRule/UpdateSimulation @@ -906,11 +912,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Category/Create - Permission to create objects of type Category +**Permission to create objects of type Category** - /ProvisioningPolicy/Category/Delete - Permission to delete objects of type Category +**Permission to delete objects of type Category** - /ProvisioningPolicy/Category/Query @@ -918,11 +924,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Category/Update - Permission to update objects of type Category +**Permission to update objects of type Category** - /ProvisioningPolicy/CompositeRole/Create - Permission to create objects of type CompositeRole +**Permission to create objects of type CompositeRole** - /ProvisioningPolicy/CompositeRole/CreateSimulation @@ -930,7 +936,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/CompositeRole/Delete - Permission to delete objects of type CompositeRole +**Permission to delete objects of type CompositeRole** - /ProvisioningPolicy/CompositeRole/DeleteSimulation @@ -950,7 +956,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/CompositeRole/Update - Permission to update objects of type CompositeRole +**Permission to update objects of type CompositeRole** - /ProvisioningPolicy/CompositeRole/UpdateSimulation @@ -958,7 +964,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/CompositeRoleRule/Create - Permission to create objects of type CompositeRoleRule +**Permission to create objects of type CompositeRoleRule** - /ProvisioningPolicy/CompositeRoleRule/CreateSimulation @@ -966,7 +972,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/CompositeRoleRule/Delete - Permission to delete objects of type CompositeRoleRule +**Permission to delete objects of type CompositeRoleRule** - /ProvisioningPolicy/CompositeRoleRule/DeleteSimulation @@ -986,7 +992,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/CompositeRoleRule/Update - Permission to update objects of type CompositeRoleRule +**Permission to update objects of type CompositeRoleRule** - /ProvisioningPolicy/CompositeRoleRule/UpdateSimulation @@ -994,7 +1000,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ContextRule/Create - Permission to create objects of type ContextRule +**Permission to create objects of type ContextRule** - /ProvisioningPolicy/ContextRule/CreateSimulation @@ -1002,7 +1008,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ContextRule/Delete - Permission to delete objects of type ContextRule +**Permission to delete objects of type ContextRule** - /ProvisioningPolicy/ContextRule/DeleteSimulation @@ -1022,7 +1028,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ContextRule/Update - Permission to update objects of type ContextRule +**Permission to update objects of type ContextRule** - /ProvisioningPolicy/ContextRule/UpdateSimulation @@ -1034,11 +1040,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/MiningRule/Create - Permission to create objects of type MiningRule +**Permission to create objects of type MiningRule** - /ProvisioningPolicy/MiningRule/Delete - Permission to delete objects of type MiningRule +**Permission to delete objects of type MiningRule** - /ProvisioningPolicy/MiningRule/Query @@ -1046,11 +1052,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/MiningRule/Update - Permission to update objects of type MiningRule +**Permission to update objects of type MiningRule** - /ProvisioningPolicy/Policy/Create - Permission to create objects of type Policy +**Permission to create objects of type Policy** - /ProvisioningPolicy/Policy/CreateSimulation @@ -1058,7 +1064,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Policy/Delete - Permission to delete objects of type Policy +**Permission to delete objects of type Policy** - /ProvisioningPolicy/Policy/DeleteSimulation @@ -1078,7 +1084,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Policy/Update - Permission to update objects of type Policy +**Permission to update objects of type Policy** - /ProvisioningPolicy/Policy/UpdateSimulation @@ -1086,11 +1092,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/PolicySimulation/Create - Permission to create objects of type PolicySimulation +**Permission to create objects of type PolicySimulation** - /ProvisioningPolicy/PolicySimulation/Delete - Permission to delete objects of type PolicySimulation +**Permission to delete objects of type PolicySimulation** - /ProvisioningPolicy/PolicySimulation/Query @@ -1098,7 +1104,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/PolicySimulation/Start - Permission to start a simulation of a policy +**Permission to start a simulation of a policy** - /ProvisioningPolicy/PolicySimulation/Update @@ -1170,7 +1176,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceClassificationRule/Delete - Permission to delete objects of type ResourceClassificationRule +**Permission to delete objects of type ResourceClassificationRule** - /ProvisioningPolicy/ResourceClassificationRule/DeleteSimulation @@ -1191,7 +1197,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceClassificationRule/Update - Permission to update objects of type ResourceClassificationRule +**Permission to update objects of type ResourceClassificationRule** - /ProvisioningPolicy/ResourceClassificationRule/UpdateSimulation @@ -1199,7 +1205,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceCorrelationRule/Create - Permission to create objects of type ResourceCorrelationRule +**Permission to create objects of type ResourceCorrelationRule** - /ProvisioningPolicy/ResourceCorrelationRule/CreateSimulation @@ -1207,7 +1213,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceCorrelationRule/Delete - Permission to delete objects of type ResourceCorrelationRule +**Permission to delete objects of type ResourceCorrelationRule** - /ProvisioningPolicy/ResourceCorrelationRule/DeleteSimulation @@ -1228,7 +1234,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceCorrelationRule/Update - Permission to update objects of type ResourceCorrelationRule +**Permission to update objects of type ResourceCorrelationRule** - /ProvisioningPolicy/ResourceCorrelationRule/UpdateSimulation @@ -1242,7 +1248,7 @@ Here is a list of permissions required for different user profiles: Permission to query and read objects of type ResourceManageableAccounts - /ProvisioningPolicy/ResourceNavigationRule/Create +**/ProvisioningPolicy/ResourceNavigationRule/Create** - Permission to create objects of type ResourceNavigationRule - /ProvisioningPolicy/ResourceNavigationRule/CreateSimulation @@ -1251,7 +1257,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceNavigationRule/Delete - Permission to delete objects of type ResourceNavigationRule +**Permission to delete objects of type ResourceNavigationRule** - /ProvisioningPolicy/ResourceNavigationRule/DeleteSimulation @@ -1272,7 +1278,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceNavigationRule/Update - Permission to update objects of type ResourceNavigationRule +**Permission to update objects of type ResourceNavigationRule** - /ProvisioningPolicy/ResourceNavigationRule/UpdateSimulation @@ -1280,7 +1286,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceQueryRule/Create - Permission to create objects of type ResourceQueryRule +**Permission to create objects of type ResourceQueryRule** - /ProvisioningPolicy/ResourceQueryRule/CreateSimulation @@ -1288,7 +1294,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceQueryRule/Delete - Permission to delete objects of type ResourceQueryRule +**Permission to delete objects of type ResourceQueryRule** - /ProvisioningPolicy/ResourceQueryRule/DeleteSimulation @@ -1308,7 +1314,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceQueryRule/Update - Permission to update objects of type ResourceQueryRule +**Permission to update objects of type ResourceQueryRule** - /ProvisioningPolicy/ResourceQueryRule/UpdateSimulation @@ -1316,7 +1322,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceScalarRule/Create - Permission to create objects of type ResourceScalarRule +**Permission to create objects of type ResourceScalarRule** - /ProvisioningPolicy/ResourceScalarRule/CreateSimulation @@ -1324,7 +1330,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceScalarRule/Delete - Permission to delete objects of type ResourceScalarRule +**Permission to delete objects of type ResourceScalarRule** - /ProvisioningPolicy/ResourceScalarRule/DeleteSimulation @@ -1344,7 +1350,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceScalarRule/Update - Permission to update objects of type ResourceScalarRule +**Permission to update objects of type ResourceScalarRule** - /ProvisioningPolicy/ResourceScalarRule/UpdateSimulation @@ -1352,7 +1358,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceType/Create - Permission to create objects of type ResourceType +**Permission to create objects of type ResourceType** - /ProvisioningPolicy/ResourceType/CreateSimulation @@ -1360,7 +1366,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceType/Delete - Permission to delete objects of type ResourceType +**Permission to delete objects of type ResourceType** - /ProvisioningPolicy/ResourceType/DeleteSimulation @@ -1380,7 +1386,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceType/Update - Permission to update objects of type ResourceType +**Permission to update objects of type ResourceType** - /ProvisioningPolicy/ResourceType/UpdateSimulation @@ -1388,7 +1394,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceTypeRule/Create - Permission to create objects of type ResourceTypeRule +**Permission to create objects of type ResourceTypeRule** - /ProvisioningPolicy/ResourceTypeRule/CreateSimulation @@ -1396,7 +1402,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceTypeRule/Delete - Permission to delete objects of type ResourceTypeRule +**Permission to delete objects of type ResourceTypeRule** - /ProvisioningPolicy/ResourceTypeRule/DeleteSimulation @@ -1416,7 +1422,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceTypeRule/Update - Permission to update objects of type ResourceTypeRule +**Permission to update objects of type ResourceTypeRule** - /ProvisioningPolicy/ResourceTypeRule/UpdateSimulation @@ -1424,11 +1430,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Risk/Create - Permission to create objects of type Risk +**Permission to create objects of type Risk** - /ProvisioningPolicy/Risk/Delete - Permission to delete objects of type Risk +**Permission to delete objects of type Risk** - /ProvisioningPolicy/Risk/OverrideApproval @@ -1444,15 +1450,15 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Risk/Update - Permission to update objects of type Risk +**Permission to update objects of type Risk** - /ProvisioningPolicy/RoleMapping/Create - Permission to create objects of type RoleMapping +**Permission to create objects of type RoleMapping** - /ProvisioningPolicy/RoleMapping/Delete - Permission to delete objects of type RoleMapping +**Permission to delete objects of type RoleMapping** - /ProvisioningPolicy/RoleMapping/Query @@ -1460,11 +1466,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/RoleMapping/Update - Permission to update objects of type RoleMapping +**Permission to update objects of type RoleMapping** - /ProvisioningPolicy/SingleRole/Create - Permission to create objects of type SingleRole +**Permission to create objects of type SingleRole** - /ProvisioningPolicy/SingleRole/CreateSimulation @@ -1472,7 +1478,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/SingleRole/Delete - Permission to delete objects of type SingleRole +**Permission to delete objects of type SingleRole** - /ProvisioningPolicy/SingleRole/DeleteSimulation @@ -1492,7 +1498,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/SingleRole/Update - Permission to update objects of type SingleRole +**Permission to update objects of type SingleRole** - /ProvisioningPolicy/SingleRole/UpdateSimulation @@ -1500,7 +1506,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/SingleRoleRule/Create - Permission to create objects of type SingleRoleRule +**Permission to create objects of type SingleRoleRule** - /ProvisioningPolicy/SingleRoleRule/CreateSimulation @@ -1508,7 +1514,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/SingleRoleRule/Delete - Permission to delete objects of type SingleRoleRule +**Permission to delete objects of type SingleRoleRule** - /ProvisioningPolicy/SingleRoleRule/DeleteSimulation @@ -1528,7 +1534,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/SingleRoleRule/Update - Permission to update objects of type SingleRoleRule +**Permission to update objects of type SingleRoleRule** - /ProvisioningPolicy/SingleRoleRule/UpdateSimulation @@ -1544,11 +1550,11 @@ Here is a list of permissions required for different user profiles: - /Report/ReportQuery/Create - Permission to create objects of type ReportQuery +**Permission to create objects of type ReportQuery** - /Report/ReportQuery/Delete - Permission to delete objects of type ReportQuery +**Permission to delete objects of type ReportQuery** - /Report/ReportQuery/Query @@ -1556,7 +1562,7 @@ Here is a list of permissions required for different user profiles: - /Report/ReportQuery/Update - Permission to update objects of type ReportQuery +**Permission to update objects of type ReportQuery** - /Resources/Incremental/Query @@ -1564,11 +1570,11 @@ Here is a list of permissions required for different user profiles: - /Resources/Resource/Create - Permission to create objects of type Resource +**Permission to create objects of type Resource** - /Resources/Resource/Delete - Permission to delete objects of type Resource +**Permission to delete objects of type Resource** - /Resources/Resource/Query @@ -1576,7 +1582,7 @@ Here is a list of permissions required for different user profiles: - /Resources/Resource/Update - Permission to update objects of type Resource +**Permission to update objects of type Resource** - /Settings/Manage - /Universes/EntityInstance/Query @@ -1601,23 +1607,23 @@ Here is a list of permissions required for different user profiles: - /UserInterface/ConnectorResourceType/Create - Permission to create objects of type ConnectorResourceType +**Permission to create objects of type ConnectorResourceType** - /UserInterface/ConnectorResourceType/Delete - Permission to delete objects of type ConnectorResourceType +**Permission to delete objects of type ConnectorResourceType** - /UserInterface/ConnectorResourceType/Update - Permission to update objects of type ConnectorResourceType +**Permission to update objects of type ConnectorResourceType** - /UserInterface/DisplayEntityAssociation/Create - Permission to create objects of type DisplayEntityAssociation +**Permission to create objects of type DisplayEntityAssociation** - /UserInterface/DisplayEntityAssociation/Delete - Permission to delete objects of type DisplayEntityAssociation +**Permission to delete objects of type DisplayEntityAssociation** - /UserInterface/DisplayEntityAssociation/Query @@ -1625,15 +1631,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayEntityAssociation/Update - Permission to update objects of type DisplayEntityAssociation +**Permission to update objects of type DisplayEntityAssociation** - /UserInterface/DisplayEntityProperty/Create - Permission to create objects of type DisplayEntityProperty +**Permission to create objects of type DisplayEntityProperty** - /UserInterface/DisplayEntityProperty/Delete - Permission to delete objects of type DisplayEntityProperty +**Permission to delete objects of type DisplayEntityProperty** - /UserInterface/DisplayEntityProperty/Query @@ -1641,15 +1647,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayEntityProperty/Update - Permission to update objects of type DisplayEntityProperty +**Permission to update objects of type DisplayEntityProperty** - /UserInterface/DisplayEntityType/Create - Permission to create objects of type DisplayEntityType +**Permission to create objects of type DisplayEntityType** - /UserInterface/DisplayEntityType/Delete - Permission to delete objects of type DisplayEntityType +**Permission to delete objects of type DisplayEntityType** - /UserInterface/DisplayEntityType/Query @@ -1657,15 +1663,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayEntityType/Update - Permission to update objects of type DisplayEntityType +**Permission to update objects of type DisplayEntityType** - /UserInterface/DisplayPropertyGroup/Create - Permission to create objects of type DisplayPropertyGroup +**Permission to create objects of type DisplayPropertyGroup** - /UserInterface/DisplayPropertyGroup/Delete - Permission to delete objects of type DisplayPropertyGroup +**Permission to delete objects of type DisplayPropertyGroup** - /UserInterface/DisplayPropertyGroup/Query @@ -1673,15 +1679,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayPropertyGroup/Update - Permission to update objects of type DisplayPropertyGroup +**Permission to update objects of type DisplayPropertyGroup** - /UserInterface/DisplayTable/Create - Permission to create objects of type DisplayTable +**Permission to create objects of type DisplayTable** - /UserInterface/DisplayTable/Delete - Permission to delete objects of type DisplayTable +**Permission to delete objects of type DisplayTable** - /UserInterface/DisplayTable/Query @@ -1689,15 +1695,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayTable/Update - Permission to update objects of type DisplayTable +**Permission to update objects of type DisplayTable** - /UserInterface/DisplayTableColumn/Create - Permission to create objects of type DisplayTableColumn +**Permission to create objects of type DisplayTableColumn** - /UserInterface/DisplayTableColumn/Delete - Permission to delete objects of type DisplayTableColumn +**Permission to delete objects of type DisplayTableColumn** - /UserInterface/DisplayTableColumn/Query @@ -1705,7 +1711,7 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayTableColumn/Update - Permission to update objects of type DisplayTableColumn +**Permission to update objects of type DisplayTableColumn** - /UserInterface/DisplayTableDesignElement/Query @@ -1717,11 +1723,11 @@ Here is a list of permissions required for different user profiles: - /UserInterface/Form/Create - Permission to create objects of type Form +**Permission to create objects of type Form** - /UserInterface/Form/Delete - Permission to delete objects of type Form +**Permission to delete objects of type Form** - /UserInterface/Form/Query @@ -1729,15 +1735,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/Form/Updat - Permission to update objects of type Form +**Permission to update objects of type Form** - /UserInterface/FormControl/Create - Permission to create objects of type FormControl +**Permission to create objects of type FormControl** - /UserInterface/FormControl/Delete - Permission to delete objects of type FormControl +**Permission to delete objects of type FormControl** - /UserInterface/FormControl/Query @@ -1745,7 +1751,7 @@ Here is a list of permissions required for different user profiles: - /UserInterface/FormControl/Update - Permission to update objects of type FormControl +**Permission to update objects of type FormControl** - /UserInterface/HierarchyDataByEntityTypeIdQuery/Query @@ -1753,11 +1759,11 @@ Here is a list of permissions required for different user profiles: - /UserInterface/Indicator/Create - Permission to create objects of type Indicator +**Permission to create objects of type Indicator** - /UserInterface/Indicator/Delete - Permission to delete objects of type Indicator +**Permission to delete objects of type Indicator** - /UserInterface/Indicator/Query @@ -1765,15 +1771,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/Indicator/Update - Permission to update objects of type Indicator +**Permission to update objects of type Indicator** - /UserInterface/IndicatorItem/Create - Permission to create objects of type IndicatorItem +**Permission to create objects of type IndicatorItem** - /UserInterface/IndicatorItem/Delete - Permission to delete objects of type IndicatorItem +**Permission to delete objects of type IndicatorItem** - /UserInterface/IndicatorItem/Query @@ -1781,7 +1787,7 @@ Here is a list of permissions required for different user profiles: - /UserInterface/IndicatorItem/Update - Permission to update objects of type IndicatorItem +**Permission to update objects of type IndicatorItem** - /UserInterface/PersonasByFilterQuery/Query @@ -1810,11 +1816,11 @@ Here is a list of permissions required for different user profiles: - /UserInterface/SearchBar/Create - Permission to create objects of type SearchBar +**Permission to create objects of type SearchBar** - /UserInterface/SearchBar/Delete - Permission to delete objects of type SearchBar +**Permission to delete objects of type SearchBar** - /UserInterface/SearchBar/Query @@ -1822,15 +1828,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/SearchBar/Update - Permission to update objects of type SearchBar +**Permission to update objects of type SearchBar** - /UserInterface/SearchBarCriterion/Create - Permission to create objects of type SearchBarCriterion +**Permission to create objects of type SearchBarCriterion** - /UserInterface/SearchBarCriterion/Delete - Permission to delete objects of type SearchBarCriterion +**Permission to delete objects of type SearchBarCriterion** - /UserInterface/SearchBarCriterion/Query @@ -1838,15 +1844,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/SearchBarCriterion/Update - Permission to update objects of type SearchBarCriterion +**Permission to update objects of type SearchBarCriterion** - /UserInterface/Tile/Create - Permission to create objects of type Tile +**Permission to create objects of type Tile** - /UserInterface/Tile/Delete - Permission to delete objects of type Tile +**Permission to delete objects of type Tile** - /UserInterface/Tile/Query @@ -1854,7 +1860,7 @@ Here is a list of permissions required for different user profiles: - /UserInterface/Tile/Update - Permission to update objects of type Tile +**Permission to update objects of type Tile** - /UserInterface/TileDesignElement/Query @@ -1862,11 +1868,11 @@ Here is a list of permissions required for different user profiles: - /UserInterface/TileItem/Create - Permission to create objects of type TileItem +**Permission to create objects of type TileItem** - /UserInterface/TileItem/Delete - Permission to delete objects of type TileItem +**Permission to delete objects of type TileItem** - /UserInterface/TileItem/Query @@ -1874,7 +1880,7 @@ Here is a list of permissions required for different user profiles: - /UserInterface/TileItem/Update - Permission to update objects of type TileItem +**Permission to update objects of type TileItem** - /UserInterface/UserByIdentityQuery/Query @@ -1890,11 +1896,11 @@ Here is a list of permissions required for different user profiles: - /Workflows/Activity/Create - Permission to create objects of type Activity +**Permission to create objects of type Activity** - /Workflows/Activity/Delete - Permission to delete objects of type Activity +**Permission to delete objects of type Activity** - /Workflows/Activity/Query @@ -1902,7 +1908,7 @@ Here is a list of permissions required for different user profiles: - /Workflows/Activity/Update - Permission to update objects of type Activity +**Permission to update objects of type Activity** - /Workflows/ActivityInstance/Query @@ -1930,11 +1936,11 @@ Here is a list of permissions required for different user profiles: - /Workflows/HomonymEntityLink/Create - Permission to create objects of type HomonymEntityLink +**Permission to create objects of type HomonymEntityLink** - /Workflows/HomonymEntityLink/Delete - Permission to delete objects of type HomonymEntityLink +**Permission to delete objects of type HomonymEntityLink** - /Workflows/HomonymEntityLink/Query @@ -1942,7 +1948,7 @@ Here is a list of permissions required for different user profiles: - /Workflows/HomonymEntityLink/Update - Permission to update objects of type HomonymEntityLink +**Permission to update objects of type HomonymEntityLink** - /Workflows/UserActivityInstance/AssignedTo @@ -1962,11 +1968,11 @@ Here is a list of permissions required for different user profiles: - /Workflows/Workflow/Create - Permission to create objects of type Workflow +**Permission to create objects of type Workflow** - /Workflows/Workflow/Delete - Permission to delete objects of type Workflow +**Permission to delete objects of type Workflow** - /Workflows/Workflow/Query @@ -1974,7 +1980,7 @@ Here is a list of permissions required for different user profiles: - /Workflows/Workflow/Update - Permission to update objects of type Workflow +**Permission to update objects of type Workflow** - /Workflows/WorkflowInstance/Query @@ -1984,7 +1990,7 @@ Here is a list of permissions required for different user profiles: - /Workflows/WorkflowInstance/Start - /Workflows/WorkflowInstance/Supervise - Permission to supervise objects of type WorkflowInstance +**Permission to supervise objects of type WorkflowInstance** - /Workflows/WorkflowInstanceData/Query diff --git a/docs/identitymanager/6.2/integration-guide/profiles-permissions/rightsrestriction/index.md b/docs/identitymanager/6.2/integration-guide/profiles-permissions/rightsrestriction/index.md index 457934a8dc..cc9bc03f07 100644 --- a/docs/identitymanager/6.2/integration-guide/profiles-permissions/rightsrestriction/index.md +++ b/docs/identitymanager/6.2/integration-guide/profiles-permissions/rightsrestriction/index.md @@ -37,7 +37,7 @@ Assign a profile based on users' dimensions by proceeding as follows: > > ``` - See the [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for + See the [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. 2. Write profile rules and profile rule contexts to make the previously created dimensions act as @@ -55,7 +55,7 @@ Assign a profile based on users' dimensions by proceeding as follows: The profile rule context must use a Sub-Binding to define the entity type that contains the dimension information. - See the [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for + See the [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. ## Limit an Entity's Visibility @@ -72,7 +72,7 @@ Limit an entity's visibility by proceeding as follows: > > ``` - See the [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for + See the [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. 2. Create an access control entity type to list all the properties whose visibility must be @@ -88,7 +88,7 @@ Limit an entity's visibility by proceeding as follows: As a result, all the properties listed in the access control entity type are hidden from users by default when they have the usual permissions written above. See the - [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for + [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. To be able to see these properties, a user must have these permissions with a full access. @@ -141,5 +141,5 @@ the profile. > > ``` -See the [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for +See the [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/provisioning/argumentsexpression/index.md b/docs/identitymanager/6.2/integration-guide/provisioning/argumentsexpression/index.md index fdac248942..f54d366ff3 100644 --- a/docs/identitymanager/6.2/integration-guide/provisioning/argumentsexpression/index.md +++ b/docs/identitymanager/6.2/integration-guide/provisioning/argumentsexpression/index.md @@ -78,7 +78,7 @@ if (provisioningOrder.TryGetScalar("EmployeeId", out var employeeId) && (employe } } -return arguments;" /> +**return arguments;" />** ``` diff --git a/docs/identitymanager/6.2/integration-guide/provisioning/prov-thresholds/index.md b/docs/identitymanager/6.2/integration-guide/provisioning/prov-thresholds/index.md index 6e45d5234a..fe7910954b 100644 --- a/docs/identitymanager/6.2/integration-guide/provisioning/prov-thresholds/index.md +++ b/docs/identitymanager/6.2/integration-guide/provisioning/prov-thresholds/index.md @@ -17,7 +17,7 @@ Thresholds can be deactivated via the value `0`, though **they should not all be be "guarded" by at least one threshold. Once the changes have been reviewed, the blocked job can be resumed (or not). See the -[ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topic for additional +[Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topic for additional information. ## Thresholds for Provisioning @@ -36,5 +36,5 @@ the generation of provisioning orders. They are configured with: All thresholds are active. Therefore, the lowest threshold (according to the specific situation) would be the first to stop the generation of provisioning orders. -Distinct [ Thresholds ](/docs/identitymanager/6.2/integration-guide/synchronization/synchro-thresholds/index.md) are configurable for +Distinct [Thresholds](/docs/identitymanager/6.2/integration-guide/synchronization/synchro-thresholds/index.md) are configurable for synchronization. diff --git a/docs/identitymanager/6.2/integration-guide/resources/index.md b/docs/identitymanager/6.2/integration-guide/resources/index.md index c1b0d79cb4..46fc3ea3c9 100644 --- a/docs/identitymanager/6.2/integration-guide/resources/index.md +++ b/docs/identitymanager/6.2/integration-guide/resources/index.md @@ -13,7 +13,7 @@ repository. The source of truth for the engine is the data from external sources that are copied into Identity Manager's database. This persisted set of data, called _resources_, is stored in the **Resource -Repository**. See the [ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) +Repository**. See the [Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. The repository keeps a full history of all the changes performed to the resources. It is hence @@ -28,7 +28,7 @@ Resources can be added to the resource repository from one of four ways: a reasonable amount of data. This is often used to input reference data that is not in the managed systems, or for which no source of truth exists. 3. Load data from a CSV file. This is how data from managed systems are loaded most of the time. See - the [ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) topic for + the [Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. Any reference of identity data can be loaded into Identity Manager using CSV files. This is useful if the target organization already possess such files or can produce them easily. diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/assignment-dates/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/assignment-dates/index.md index 3df6740a93..204e1477c9 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/assignment-dates/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/assignment-dates/index.md @@ -27,5 +27,5 @@ its end date equal to the records' latest end date. ## For Automatic Assignments The start and end dates of any automatic assignment are based on the dates from the -[ Context Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md)defined for the +[Context Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md)defined for the identities. diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/assignments-of-entitlements/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/assignments-of-entitlements/index.md index 83242d8e2c..f6ad8b818f 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/assignments-of-entitlements/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/assignments-of-entitlements/index.md @@ -12,7 +12,7 @@ Assigning entitlements means giving users specific permissions, or access rights As Identity Manager relies on a [role-based](https://en.wikipedia.org/wiki/Role-based_access_control) assignment policy, entitlement -assignment is simply role assignment. See the [ Role Model ](/docs/identitymanager/6.2/integration-guide/role-model/index.md)topic for +assignment is simply role assignment. See the [Role Model](/docs/identitymanager/6.2/integration-guide/role-model/index.md)topic for additional information. So once a user is assigned a role, Identity Manager must make the right changes in the managed @@ -33,7 +33,7 @@ computing expected assignments based on existing users and the policy's roles an assignments can: - Result directly from the application of assignment rules on identities. See the - [ Assignment Policy ](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md)topic for additional information. + [Assignment Policy](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md)topic for additional information. - Be inferred and cascading from another assignment. Manual assignments and degradations are on the other hand, need to be requested individually through @@ -44,9 +44,12 @@ the UI. Some entitlements require the approval of one or several knowledgeable users before actually being assigned. This is standard procedure in many security-concerned organizations. -**NOTE:** This is configurable through the role's or resource type's approval workflow type. See the -[ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for +:::note +This is configurable through the role's or resource type's approval workflow type. See the +[Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. +::: + Each step of the approval workflow is associated with a workflow state, so that all assignments can be tracked and it is clear what step they are at. @@ -69,8 +72,11 @@ In addition to the workflow state that represents an assignment's progress in th any assignment also has a provisioning state to represent its progress in its lifetime from creation in the database to provisioning to the managed system and to its eventual deletion. -**NOTE:** Contrary to the workflow state that concerns all assignments, the provisioning state is +:::note +Contrary to the workflow state that concerns all assignments, the provisioning state is only about the assignments that need provisioning. +::: + For example, roles exist only in Identity Manager and not in the managed systems, so assigned roles do not have a provisioning state, unlike assigned resource types, scalars and navigation, etc. @@ -120,9 +126,12 @@ therefore: permission; - Kept as an exception if the configured rules do not apply to this particular case. -**NOTE:** Non-conforming assignments are to be reviewed on the **Role Reconciliation** and/or +:::note +Non-conforming assignments are to be reviewed on the **Role Reconciliation** and/or **Resource Reconciliation** screens. See the [Evaluate Policy](/docs/identitymanager/6.2/integration-guide/role-assignment/evaluate-policy/index.md) topic for additional information. +::: + Non-conforming assignments can still be split into two categories: @@ -165,7 +174,7 @@ resource type materializes: - The categorization of the created resource, which means both the correlation of the resource to an owner, and the classification of the resource into a specific type with specific rules between owner and owned resources. See the - [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional + [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. ### Reconciliation @@ -176,8 +185,11 @@ existence or its values do not comply with the policy. For example, a SAP account is found for a user who should not have one according to the role model's rules. -**NOTE:** An account can also be an orphan when it is found in the managed system, but no owner +:::note +An account can also be an orphan when it is found in the managed system, but no owner could be correlated. +::: + ### Consolidated states @@ -193,8 +205,11 @@ together with its nested scalar/navigation assignments, and it is described by t - ConsolidatedWorkflowReviewState represents the progress in the approval workflow for a manual assignment; - **NOTE:** Except for very technical use cases, resource types should not be requested manually, + :::note + Except for very technical use cases, resource types should not be requested manually, they should only be inferred by a role and thus assigned automatically. + ::: + - ConsolidatedWorkflowBlockedState indicates whether one or more of the nested scalars/navigations are blocked; diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/configureindirectpermissions/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/configureindirectpermissions/index.md index 6764b1e92c..72f98021ad 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/configureindirectpermissions/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/configureindirectpermissions/index.md @@ -7,7 +7,7 @@ sidebar_position: 80 # Configure Indirect Permissions The following how-to assumes that you have already read the topic on -[ Indirect Permissions ](/docs/identitymanager/6.2/integration-guide/role-assignment/indirectpermissions/index.md). +[Indirect Permissions](/docs/identitymanager/6.2/integration-guide/role-assignment/indirectpermissions/index.md). ## Configure Indirect Permissions in an Active Directory @@ -72,9 +72,7 @@ Even if two rules of a kind are needed, only one is pictured. Do not forget the #### Indirect permission display -After running a [ -Compute Role Model Task -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), Indirect Permissions should now appear for your test user. +After running a [Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), Indirect Permissions should now appear for your test user. The next screenshots were taken after adding the direct assignment directly inside the Active Directory. As such, the direct permission is also flagged as ```Non-conforming```. diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md index b4d9259ad3..c8fc7517ff 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md @@ -7,7 +7,7 @@ sidebar_position: 90 # Conforming Assignments The -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) is able to compute, for a given identity, the appropriate assignments. If you are interested in a detailed description of the actual Compute Role Model task algorithm, diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/evaluate-policy/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/evaluate-policy/index.md index 597005899e..bb1ec7c900 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/evaluate-policy/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/evaluate-policy/index.md @@ -7,7 +7,7 @@ sidebar_position: 40 # Evaluate Policy Evaluate Policy is the core algorithm of the assignment policy. See the -[ Assignment Policy ](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) topic for additional information. +[Assignment Policy](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) topic for additional information. The algorithm is applied by the server to a resource. It has the following responsibilities: @@ -17,7 +17,7 @@ The algorithm is applied by the server to a resource. It has the following respo - Managing assignment lifecycle: updating provisioning states - Purging expired assignments -See the [ Risk Management ](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) topic for additional information. +See the [Risk Management](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) topic for additional information. ## Overview @@ -46,8 +46,8 @@ Evaluate Policy is executed by the task `Usercube-Compute-RoleModel`, usually in regularly scheduled provisioning job. See the [Connectors](/docs/identitymanager/6.2/integration-guide/connectors/index.md), -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), -and [ Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) topics for additional information. +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), +and [Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) topics for additional information. ## The Algorithm Steps @@ -80,18 +80,21 @@ To improve execution time, two optimizations are used: - Identity Manager only selects resources for which a new assignment computation is needed. They are resources updated during the last incremental synchronization, and resources that depend on them. They are identified by the dirty flag, set during incremental synchronization. See the - [ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) topic for + [Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. -**NOTE:** For very few edge cases, dependencies between resource values can be difficult to identify +:::note +For very few edge cases, dependencies between resource values can be difficult to identify within Identity Manager. An example involves entity property expressions using [LINQ](https://docs.microsoft.com/en-us/dotnet/csharp/programming-guide/concepts/linq/) syntax. See -the [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)topic for +the [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)topic for additional information. A second- or third-order binding used in such an expression actually defines a dependency. But Identity Manager does not account for it, because of performance-reliability trade-offs. That means a resource `R1`, using such an expression to compute one of its properties values from another resource `R2` property value, might not be updated even if `R2` has been updated by incremental synchronization. This too can be fixed by using complete synchronization once a day. +::: + **Step 2 –** **Compute expected assignments** @@ -132,10 +135,10 @@ with the assignment rules, and are displayed in the Resource Reconciliation scre Let's detail the rule enforcement mechanisms. -Match context rules +**Match context rules** Dimensions are really the basis of an assignment process. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Before starting, a context rule is applied, giving for the input resource: @@ -145,10 +148,10 @@ Before starting, a context rule is applied, giving for the input resource: ![Computing Context For Input Resource](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/enforce-context.webp) -Computing expected role assignments +**Computing expected role assignments** Role assignments, on the other hand, are the outcome of the assignment process. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Role assignments are the output of composite role rules and single role rules enforcement. The @@ -158,7 +161,7 @@ resource-identity. ![Computing Expected Role Assignments](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/compute-expected-1.webp) -Enforcing composite role rules +**Enforcing composite role rules** The first rules that are enforced are the composite role rules. See the [Composite Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md)topic @@ -176,12 +179,15 @@ Then automation rules are enforced on assigned composite roles. See the [Automation Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md) topic for additional information. -**NOTE:** Enforcing automation rules on an assignment means to find, for each assignment, the +:::note +Enforcing automation rules on an assignment means to find, for each assignment, the matching automation rule, looking at the last review or the creation date, comparing it to the time defined in the rule and, if needed, apply the rule decision that may approve or decline the assignment. +::: + -Enforcing single role rules +**Enforcing single role rules** Then, single role rules are enforced. That means assigning a specific single role to the input resource based on its context and existing assigned composite roles, i.e. the composite roles @@ -197,10 +203,10 @@ expected assignments list. Then automation rules are enforced on assigned single roles. -Expected provisioning assignments +**Expected provisioning assignments** Fulfillment is just the consequence of the role assignment process. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Provisioning-orders-to-be are the output of resource type rules, navigation rules and scalar rules. @@ -213,7 +219,7 @@ topic for additional information. ![Computing Expected Provisioning Assignments](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/compute-expected-2.webp) -Enforcing resource type rules +**Enforcing resource type rules** Resource type rules are enforced. This means creating and adding assigned resource types to the expected assignments list. This means enforcing the need for a resource of that type to be created @@ -229,7 +235,7 @@ act of assigning a resource to an owner almost always is the consequence of a ro cases for which a single, isolated resource, is "assigned" (i.e. created with specific values) is rare and is more of a solution to a specific technical problem. -Enforcing navigation rules +**Enforcing navigation rules** Finally, navigation rules are enforced. They aim to complete the information about the resource to be created because of the assigned resource types. If the type rule is the what, this is the how. @@ -248,7 +254,7 @@ provisioning-order-to-be, of assigning a role to a resource. This means also no assigned resource type, no navigation assignment. Resource type rules are a prerequisite for the associated navigation rules to be enforced. -Enforcing scalar rules +**Enforcing scalar rules** Finally, the scalar rules associated with the target's resource type are enforced and become assigned resource scalars that will also result in a provisioning order. @@ -362,7 +368,7 @@ non conforming values in the managed systems that need to be fixed. That list will eventually become provisioning orders that will be sent to the agent for fulfillment. -What constitutes a difference? +**What constitutes a difference?** Expected resource and their values not matching the existing resource and their value, for an existing assignment with an `Applied` or `Executed` provisioning state. @@ -452,8 +458,11 @@ Differences are displayed in the following screens: - **Redundant Assignments** displays `Approved` assigned roles and assigned resource types tagged as eligible to be turned into `Calculated`. -_Remember,_ **Role Review** is a little bit different as it displays manually requested assignments +:::tip +Remember, **Role Review** is a little bit different as it displays manually requested assignments waiting for manual approval. +::: + ### A target value to update diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/existingassignmentsdeduction/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/existingassignmentsdeduction/index.md index b4aa2b4d27..c293d3149b 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/existingassignmentsdeduction/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/existingassignmentsdeduction/index.md @@ -7,7 +7,7 @@ sidebar_position: 100 # Existing Assignments The -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) can deduce from synchronized data a list of assignments for every identity. ## Overview diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/generate-contexts/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/generate-contexts/index.md index da370f7e89..2bf771cd6b 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/generate-contexts/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/generate-contexts/index.md @@ -7,9 +7,9 @@ sidebar_position: 50 # Generate Contexts A context is a set of dimension-value pairs computed using the -[ Context Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) or the +[Context Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) or the combination of a context rule and the -[ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) if record +[Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) if record sections are configured. A context is used to compute the role assignments for an identity by verifying that the @@ -19,7 +19,7 @@ dimension-value pairs meet the role criteria. When using only a context rule without a record section, the context generation is straightforward: a set of dimension-value pairs is created by computing the value of the dimension bindings on the -[ Context Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md). +[Context Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md). > For example, the following context rule defines guests' contexts based on their start date, end > date, and company. @@ -36,7 +36,7 @@ As described in the [Identity Management](/docs/identitymanager/6.2/integration- complex to model. Records were introduced to tackle this complexity by allowing multiple positions for the same identity. -[ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) go further +[Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) go further by modeling the relationship between positions. Indeed with record sections, it is possible to define: @@ -174,4 +174,4 @@ By default, the previous position is extended when there is a gap. If there isn' position then the next position will be anticipated. The choice of the position to extend can be configured by leveraging the `SortKeyExpression` in the -position [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). +position [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/index.md index 428cd2d729..e1bf62a00b 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/index.md @@ -10,4 +10,4 @@ Once the role model is established, role assignment can be performed, i.e. missi assignments can be detected in order to give users the appropriate access rights. Be sure to read first the documentation about the role model. See the -[ Role Model ](/docs/identitymanager/6.2/integration-guide/role-model/index.md) topic for additional information. +[Role Model](/docs/identitymanager/6.2/integration-guide/role-model/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/indirectpermissions/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/indirectpermissions/index.md index b293c62dd2..8cf7c0f0c5 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/indirectpermissions/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/indirectpermissions/index.md @@ -8,7 +8,7 @@ sidebar_position: 120 Identity Manager can compute, for a given identity, permissions that are obtained implicitly or indirectly through assignments. The -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) is responsible for this functionality. ## Overview @@ -22,7 +22,7 @@ transitive permission acquisitions. These permissions are called indirect. This extended when permissions in a managed system also give other permissions in an external system. Indirect Permissions are automatically computed by the -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) along with standard explicit or direct permissions during a full update. Indirect permissions will not be computed when processing a single user (for instance through "Repair Data (helpdesk)") or during simulations. @@ -30,23 +30,23 @@ during simulations. ## Configuration The computation of Indirect Permissions is based on the configured -[ Indirect Resource Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/indirectresourcerule/index.md). +[Indirect Resource Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/indirectresourcerule/index.md). These rules tell Identity Manager how to navigate the managed system and how to recover permissions that a user inherits implicitly. An Indirect Resource Rule is composed of the following properties: - `ResourceType`—The [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) to which the rule will be applied. -- `Property` — The [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +- `Property` — The [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to the user permission in the _target_ system. - `Correspondence` (optional)— The - [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that is used to + [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that is used to recover the correspondence of a resource from the _target_ system in the _external_ system. - `CorrespondenceMembershipProperty` (optional) — The - [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to + [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to the user permission in an _external_ system. - `Entitlement` (optional) — The - [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that can be + [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that can be configured if the permission in the _external_ system needs to be recovered from the discovered resources. For instance one can use this property to recover the entitlements of Sharepoint groups (while `CorrespondenceMembershipProperty` will be used to recover the group membership graph). @@ -58,16 +58,16 @@ If `Entitlement` is specified, then both `Correspondence` and `CorrespondenceMem also need to be specified. - `TargetEntityTypeProperty` — The - [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which identifies + [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which identifies each rule given a resource type. - `TargetEntityTypeReflexiveProperty` — The - [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to + [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to the user permission in the _target_ system. -- `IndirectResourceBinding`— The [ Bindings ](/docs/identitymanager/6.2/integration-guide/toolkit/bindings/index.md) that is used to +- `IndirectResourceBinding`— The [Bindings](/docs/identitymanager/6.2/integration-guide/toolkit/bindings/index.md) that is used to recover an assignment from a permission in either system (target or external). It is also used to define the correspondence between resources in both systems. - `IndirectResourceReflexiveProperty` (optional): The - [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to + [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to the user permission in an _external_ system. Correspondences between resources are necessarily one-sided: the Indirect Permissions computation is @@ -75,22 +75,22 @@ started in the managed system and if a correspondence is found, the computation the external system. Correspondences won't be checked in the external system. An example of an Indirect Resource Rule configuration is available in How-To: -[ Configure Indirect Permissions ](/docs/identitymanager/6.2/integration-guide/role-assignment/configureindirectpermissions/index.md) in an Active +[Configure Indirect Permissions](/docs/identitymanager/6.2/integration-guide/role-assignment/configureindirectpermissions/index.md) in an Active Directory. ## What Can Be an Indirect Permission? The -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) will create indirect Assigned Resource Navigations for the permissions that it finds, but if and only if these permissions are associated with a [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md). -If a [ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is associated +If a [Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is associated with one of these Resource Navigation Rules, then an indirect Single Role will also be recovered. Finally, if at least one indirect Single Role is used to recover a -[ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md), then the +[Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md), then the Composite Role will also be indirect. ## What Can Be Done with Indirect Permissions? diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/infer-single-roles/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/infer-single-roles/index.md index 86344487fd..dae6f12db2 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/infer-single-roles/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/infer-single-roles/index.md @@ -9,14 +9,14 @@ sidebar_position: 70 This guide shows how to assign several single roles via the assignment of one composite role. It is possible to infer SingleRoles with -[ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md). The +[Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md). The SingleRole can only be inferred by the CompositeRole if both the CompositeRole and SingleRole rules are verified. ## Create a Dimension The restriction of resource allocations is done from a filter. To do this, it is necessary to create -a [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which +a [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which EntityTypes the filters will apply to. For the different examples of restrictions, the filters will be based on the EntityType @@ -34,7 +34,7 @@ A CompositeRole is created in the same way as a SingleRole. ``` - +**** ``` @@ -47,7 +47,7 @@ The CompositeRoleRule can be limited with the use of dimensions. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/nonconformingdetection/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/nonconformingdetection/index.md index e8e21a8f1b..e850b97452 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/nonconformingdetection/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/nonconformingdetection/index.md @@ -7,7 +7,7 @@ sidebar_position: 110 # Non-Conforming Assignments The -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) is able to detect from synchronized data a list of non-conforming or missing resources/entitlements for every identity. That is one of Identity Manager's most powerful governance features, provided you have a full role model configured. @@ -15,13 +15,13 @@ you have a full role model configured. ## Build the conforming assignment list The **first step** is building the conforming assignment list, as explained in the -[ Conforming Assignments ](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md). This list (list `A`) +[Conforming Assignments](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md). This list (list `A`) includes the assignments that perfectly comply with the role model/assignment policy. ## Build the existing assignment list The **second step** is building the existing assignment list (list `B`), as explained in -the[ Existing Assignments ](/docs/identitymanager/6.2/integration-guide/role-assignment/existingassignmentsdeduction/index.md) every synced resource can be +the[Existing Assignments](/docs/identitymanager/6.2/integration-guide/role-assignment/existingassignmentsdeduction/index.md) every synced resource can be translated into a role assignment following the assignment rules "in reverse". ## Compare both lists diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/restrict-assignment/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/restrict-assignment/index.md index 5b13d84766..614889f1be 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/restrict-assignment/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/restrict-assignment/index.md @@ -12,7 +12,7 @@ or resource type. ## Create a Dimension The restriction of resource allocations is done from a filter. To do this, it is necessary to create -a [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which +a [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which EntityTypes the filters will apply to. For the different examples of restrictions, the filters will be based on the EntityType @@ -27,7 +27,7 @@ For the different examples of restrictions, the filters will be based on the Ent ## Create a Single Role To be able to filter with the dimensions previously created, it is necessary to first create -[ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) which will +[Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) which will serve as a restriction to the assignment of ResourceTypes for a given source. The example below creates a SingleRole for the EntityType Directory_User (source of the @@ -47,7 +47,7 @@ We will define a ``` - +**** ``` @@ -55,7 +55,7 @@ D1 represents the dimension whose ColumnMapping="1". ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/role-assignment/role-model-rules/index.md b/docs/identitymanager/6.2/integration-guide/role-assignment/role-model-rules/index.md index 7e3ca207b9..c1da0fa437 100644 --- a/docs/identitymanager/6.2/integration-guide/role-assignment/role-model-rules/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-assignment/role-model-rules/index.md @@ -13,7 +13,7 @@ and risks. It contains the role model and risks definition. The Introduction Guide introduced the role model and how it influences assigning entitlements to identities. Let's sum up the key principles here. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. 1. Identities are resources. @@ -22,13 +22,13 @@ topic for additional information. assignment policy to grant entitlements to identities, i.e. granting a role entails granting entitlements. 4. The role model is first a catalog of available roles - ([ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and - [ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md)), + ([Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and + [Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md)), identified by meaningful names aimed at non-technical end-users. These roles represent status of trust and privileges, to be assigned to identities, manually or automatically. 5. The role model is also a set of rules aiming at assign automatically roles to identities, based on relevant criteria, namely - [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md). + [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md). 6. The role model classifies resources by security concerns thanks to resource types. 7. The role model contains correlation rules identifying ownership of target resource by an identity. @@ -36,7 +36,7 @@ topic for additional information. values should be computed from source resource values. Resource types, single roles and composite roles can be grouped into -[ Category ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md). They are used in the +[Category](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md). They are used in the UI to organize the Roles catalog display. Categories are organized in a hierarchical tree structure. ### Policy @@ -62,13 +62,13 @@ knowledgeable member of the target organization, to define key criteria on which of entitlements decisions. Those key criteria are called dimensions. The integration team defines -[ Context Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) and -[ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md)in the +[Context Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) and +[Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md)in the applicative configuration that assigns, for every identity, a context as a set of dimension-value pair. The details of how contexts are generated can be found in -[ Generate Contexts ](/docs/identitymanager/6.2/integration-guide/role-assignment/generate-contexts/index.md). +[Generate Contexts](/docs/identitymanager/6.2/integration-guide/role-assignment/generate-contexts/index.md). Every dimension is associated with a finite set of possible values. That means there is a finite set of possible context. Hence, typical contexts within which an identity operates are modeled. @@ -116,7 +116,7 @@ The following gives a few ideas about how a to approach the writing of a role mo The first iteration of building of the organization reference model starts to reveal the archetypal responsibilities and positions of the members of the organization. A -[ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is defined for +[Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is defined for every fine-grained organization-level responsibility or position. ##### Example @@ -147,7 +147,7 @@ The project manager needs access to the `data0` and `data1` servers with client ### 2. Identify navigation rules and ownership -For every [ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) assigned +For every [Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) assigned to an identity, fine-grained entitlements need to be granted. Those are the resource values in a managed system. @@ -159,7 +159,7 @@ They are materialized by: - Provisioning rules, such as Resource Type rules that decide what resources should be found in the managed systems; and navigation rules or scalar rules, that identify actual values to be fulfilled from the identity to which the single role is assigned; -- [ Resource Correlation Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +- [Resource Correlation Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) that identify for an identity, the target resources to fulfill; - Resource type that organize resources and describe a source/target (or owner/resource) relationship. @@ -187,18 +187,18 @@ account, used to login to work, must be known. To modelize that need within the role model, every identity with `Internet Access` single role is associated with an Active Directory account. We can find the Active Directory for an identity by comparing the identity email with the Active Directory entry e-mail. That's an example of -[ Resource Correlation Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +[Resource Correlation Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) that define the ownership of an Active Directory entry resource by an identity resource. ### 3. Write assignment rules [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) describe criteria for which a -[ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is assigned to a +[Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is assigned to a resource. The main criterion is a dimension value. For a given resource, the single role is assigned if the resource's context matches the given dimension value. The second criterion is the assignment of a specific -[ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) (see +[Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) (see further). A navigation rule describes a fine-grained entitlement in the form of resource association such as a @@ -224,8 +224,8 @@ Active Directory entry resource should be set to the AD group named `Internet Ac ### 4. Use Composite Roles To Organize Single Roles (optional) -[ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) can be packaged -into [ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md). +[Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) can be packaged +into [Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md). Assigning a composite role to an identity immediately assigns the packaged single role to that identity. Single roles assigned this way are said to be inferred. @@ -256,7 +256,7 @@ This series of steps is actually a very simplified version of the ![Cascading From Dimensions To Roles To Provisioning Orders](/img/product_docs/identitymanager/saas/integration-guide/role-model/role-model-rules/enforce-assignment-policy-summary.webp) ---- +**---** ## Evaluate Policy diff --git a/docs/identitymanager/6.2/integration-guide/role-mining/index.md b/docs/identitymanager/6.2/integration-guide/role-mining/index.md index 2dfd261ffb..ae9c8da216 100644 --- a/docs/identitymanager/6.2/integration-guide/role-mining/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-mining/index.md @@ -8,13 +8,13 @@ sidebar_position: 100 Role mining aims to reduce the cost of entitlement management by automating entitlement assignments, via the analysis of existing assignments. See the -[ Automate Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md) topic for +[Automate Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md) topic for additional information. ## Overview After the role catalog is established, the -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) is able to assign single roles to users according to their attributes which are used as assignment criteria. @@ -34,7 +34,7 @@ assign single roles to certain users matching given criteria. Role mining is a Machine Learning process. It is a statistic tool used to emphasize the dimensions that constitute the key criteria for existing role assignments. See the -[ Conforming Assignments ](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md)topic for +[Conforming Assignments](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md)topic for additional information. It detects the most probable links between identities dimensions and their roles in order to suggest the appropriate entitlement assignment rules. @@ -45,14 +45,14 @@ roles in order to suggest the appropriate entitlement assignment rules. Role mining being a statistic tool based on existing entitlement assignments, it appears useless if the role model contains fewer than 2,000 role assignments. Then, start by reinforcing the -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md). +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md). ### Technical Principles Role mining works through -[ Mining Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) that Identity Manager +[Mining Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) that Identity Manager applies with the -[ Get Role Mining Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md). +[Get Role Mining Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md). ### Entitlement differentiation with rule types @@ -123,13 +123,13 @@ remain unchanged: ## Perform Role Mining See the -[ Perform Role Mining ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) for +[Perform Role Mining](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) for additional information. ### Simulation Be aware that you can configure the -[ Get Role Mining Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) +[Get Role Mining Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) to generate role assignment rules either directly or in a [Simulation](/docs/identitymanager/6.2/integration-guide/simulation/index.md). Simulating the results of role mining allows a knowledgeable user to analyze the impact of role diff --git a/docs/identitymanager/6.2/integration-guide/role-model/index.md b/docs/identitymanager/6.2/integration-guide/role-model/index.md index c1f980673a..7af1187498 100644 --- a/docs/identitymanager/6.2/integration-guide/role-model/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-model/index.md @@ -11,7 +11,7 @@ It is composed mainly of roles, representing entitlements, and rules, enforcing assignment policies. Make sure to read the introduction on entitlement management first. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. ## Roles @@ -31,7 +31,7 @@ In this way, the role model can be seen as a ## Assignment Rules An -[ Automate Role Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) +[Automate Role Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) gives an entitlement to a user, usually based on (at least) one criterion from the user's data. Assignment rules are: diff --git a/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md b/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md index 68d3f6a10a..e32f334a3a 100644 --- a/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md +++ b/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md @@ -6,7 +6,7 @@ and risks. It contains the role model and risks definition. ## The Role Model The Introduction Guide introduced the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) and +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) and how it influences assigning entitlements to identities. Let's sum up the key principles here. 1. Identities are resources. @@ -15,13 +15,13 @@ how it influences assigning entitlements to identities. Let's sum up the key pri assignment policy to grant entitlements to identities, i.e. granting a role entails granting entitlements. 4. The role model is first a catalog of available roles - ([ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and - [ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md)), + ([Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and + [Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md)), identified by meaningful names aimed at non-technical end-users. These roles represent status of trust and privileges, to be assigned to identities, manually or automatically. 5. The role model is also a set of rules aiming at assign automatically roles to identities, based on relevant criteria, namely - [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md). + [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md). 6. The role model classifies resources by security concerns thanks to resource types. 7. The role model contains correlation rules identifying ownership of target resource by an identity. @@ -29,7 +29,7 @@ how it influences assigning entitlements to identities. Let's sum up the key pri values should be computed from source resource values. Resource types, single roles and composite roles can be grouped into -[ Category ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md). They are used in the +[Category](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md). They are used in the UI to organize the Roles catalog display. Categories are organized in a hierarchical tree structure. ### Policy @@ -179,7 +179,7 @@ account, used to login to work, must be known. To modelize that need within the role model, every identity with `Internet Access` single role is associated with an Active Directory account. We can find the Active Directory for an identity by comparing the identity email with the Active Directory entry e-mail. That's an example of -[ Resource Correlation Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +[Resource Correlation Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) that define the ownership of an Active Directory entry resource by an identity resource. ### 3. Write assignment rules @@ -246,7 +246,7 @@ This series of steps is actually a very simplified version of the ![Cascading From Dimensions To Roles To Provisioning Orders](/img/product_docs/identitymanager/saas/integration-guide/role-model/role-model-rules/enforce-assignment-policy-summary.webp) ---- +**---** ## Evaluate Policy diff --git a/docs/identitymanager/6.2/integration-guide/simulation/index.md b/docs/identitymanager/6.2/integration-guide/simulation/index.md index 5982b56c78..a5e3dc539b 100644 --- a/docs/identitymanager/6.2/integration-guide/simulation/index.md +++ b/docs/identitymanager/6.2/integration-guide/simulation/index.md @@ -15,18 +15,18 @@ Identity Manager's simulations gather roles and rules which are to be created, m without being inserted in the actual role model straight away. More specifically, a simulation can involve: -- [ Resource Correlation Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +- [Resource Correlation Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) and - [ Resource Classification Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md); + [Resource Classification Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md); - Scalar rules and navigation rules; - [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) rules; -- [ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and - [ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md); +- [Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and + [Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md); - [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md)and [Composite Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md). A simulation can also be created by the role mining tool for the automation of role assignments. See -the [ Perform Role Mining ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) +the [Perform Role Mining](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) topic for additional information. Through simulation, integrators can: @@ -44,5 +44,5 @@ action (creation/modification/deletion) on the role model. ## Perform a Simulation -See the [ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) for additional +See the [Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) for additional information. diff --git a/docs/identitymanager/6.2/integration-guide/synchronization/index.md b/docs/identitymanager/6.2/integration-guide/synchronization/index.md index d4dbe8f8ce..82dea77625 100644 --- a/docs/identitymanager/6.2/integration-guide/synchronization/index.md +++ b/docs/identitymanager/6.2/integration-guide/synchronization/index.md @@ -8,10 +8,10 @@ sidebar_position: 60 The documentation is not yet available for this page and will be completed in the near future. -See more information about [ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md). +See more information about [Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md). -See how to [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md)for a given managed +See how to [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md)for a given managed system. See how to anticipate changes due to synchronization thanks to -[ Thresholds ](/docs/identitymanager/6.2/integration-guide/synchronization/synchro-thresholds/index.md). +[Thresholds](/docs/identitymanager/6.2/integration-guide/synchronization/synchro-thresholds/index.md). diff --git a/docs/identitymanager/6.2/integration-guide/synchronization/synchro-thresholds/index.md b/docs/identitymanager/6.2/integration-guide/synchronization/synchro-thresholds/index.md index bbb536b81b..0642eabccb 100644 --- a/docs/identitymanager/6.2/integration-guide/synchronization/synchro-thresholds/index.md +++ b/docs/identitymanager/6.2/integration-guide/synchronization/synchro-thresholds/index.md @@ -17,7 +17,7 @@ Thresholds can be deactivated via the value `0`, though they should not all be. "guarded" by at least one threshold. Once the changes have been reviewed, the blocked job can be resumed (or not). See the -[ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topic for additional +[Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topic for additional information. As long as a synchronization job is blocked for a connector, the export, prepare-synchronization and @@ -29,7 +29,7 @@ launched in complete mode. Synchronization thresholds can be configured in XML files via: -- [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) to +- [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) to count the number of resources impacted by synchronization inside a given entity type. They are configured with: @@ -39,7 +39,7 @@ Synchronization thresholds can be configured in XML files via: | `MaximumInsertedLines` | `MaxPercentageInsertedLines` | | `MaximumUpdatedLines` | `MaxPercentageUpdatedLines` | -- [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +- [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) to count the number of navigation properties impacted by synchronization inside a given entity type. They are configured with: @@ -48,7 +48,7 @@ Synchronization thresholds can be configured in XML files via: | `MaximumLinkDeletedLines` | `MaxLinkPercentageDeletedLines` | | `MaximumLinkInsertedLines` | `MaxLinkPercentageInsertedLines` | -- [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) to count the number +- [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) to count the number of resources and/or navigation properties impacted by synchronization inside all entity types of a given connector. They are configured with: @@ -76,5 +76,5 @@ If the entity type's threshold values are higher than the connector's, then Iden synchronization as soon as the number of modifications exceeds the connector's threshold values (100 resources or 1000 navigation properties). -Distinct [ Thresholds ](/docs/identitymanager/6.2/integration-guide/provisioning/prov-thresholds/index.md) are configurable for +Distinct [Thresholds](/docs/identitymanager/6.2/integration-guide/provisioning/prov-thresholds/index.md) are configurable for provisioning. diff --git a/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md b/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md index c5edcced29..24b53f4958 100644 --- a/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md +++ b/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md @@ -16,14 +16,14 @@ Performing a _Sync Up_ allows the user to: the assignment computation; - check that previously edited provisioning orders have been accurately executed; - ascertains differences between the real managed system state and the - [ Assignment Policy ](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) theoretical state. + [Assignment Policy](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md) theoretical state. ## Overview ### A scheduled sync up per managed system _Sync Up_ is performed regularly, at least every day, as a set of -[ Tasks & Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/index.md). +[Tasks & Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/index.md). A _Sync Up_ is planned for every managed system that interact with Identity Manager. @@ -116,12 +116,12 @@ writing a custom _Export_ process. If the managed system has built-in export capabilities, Identity Manager can simply rely on exports scheduled by the source managed system. Regularly, the managed system generates reports, in whatever format. A custom task, such as a -[ Invoke Expression Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md), +[Invoke Expression Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md), can then be used to retrieve the generated exports, adapt them to the _CSV source files_ format expected by Identity Manager and copy them to the [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) export directory. The whole can be scheduled and orchestrated by a -[ Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md). +[Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md). **For example**, a common scenario is to configure an HR management system to perform daily extracts of its data to CSV files for the _Agent_ to find. This usually can be set up without any Identity @@ -130,11 +130,11 @@ Manager's task, just by using the managed system and the organization's network If the managed system does not provide built-in export features but provides an API or an exposed database, it's possible to write a custom _export_ process based on that API or direct requests to the managed system's database. This process can then be used as an _export task_ wrapped in a -[ Invoke Expression Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) +[Invoke Expression Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) or an -[ Invoke Sql Command Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md). +[Invoke Sql Command Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md). See the -[ Invoke Expression Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) +[Invoke Expression Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) topic for additional information. Any Windows process that can be called from a PowerShell script and generate a CSV file can serve as an export process. @@ -195,7 +195,7 @@ work together to find the best compromise between reliability and execution time The following example demonstrates the native Active Directory export process. Exporting data from an Active Directory can be achieved by using the -[ Export Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) task within a +[Export Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) task within a Job. The Tasks requests from the source Active Directory all entries that match a configured filter. It @@ -242,19 +242,11 @@ CN=SG_APP_AG002,DC=internal;CN=U51630,DC=internal The aim of the _Sync Up_ is to load managed systems' data into the resource repository. As such, it requires Identity Manager to translate data from the managed system format (or, more accurately, the _export task_'s output format) into the resource repository format, that is, the [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md). -The translation rules are described in the applicative configuration by [ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and [ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) elements. +The translation rules are described in the applicative configuration by [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) elements. Entity Type Mapping elements map the resources _CSV source files_ columns to [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md) properties. Each mapping also identifies one column as the _primary key_ for this Entity Type. The _primary key_ is used to uniquely identify a resource in the _Sync Up_ process. It's mandatory to be able to perform _incremental__Sync Up_, as it allows to identify a resource on which an _update_ or a _delete_ has to be performed. -[ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) elements translate the _CSV source files_ into [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md). They describe rules identifying associations between resources loaded thanks to the [](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)[ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md). +[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) elements translate the _CSV source files_ into [Entity Model](/docs/identitymanager/6.2/integration-guide/entity-model/index.md). They describe rules identifying associations between resources loaded thanks to the [](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md). ## Prepare Synchro @@ -268,22 +260,14 @@ It's performed on the _Agent_-side. The following actions are performed on the _CSV source files._ -1. Removing columns that are not used in [ - Entity Type Mapping - ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or [ - Entity Association Mapping - ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +1. Removing columns that are not used in [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) 2. Entries that have a null primary key 3. Removing duplicates 4. Sorting entries according to the primary key The result of the _Prepare-Synchronization_ is stored in the [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings/index.md) export directory as three files: -For every entity type of the relevant _Connector_ involved in an[ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or an[ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) `````` , a ```.sorted.csv``` file is generated, containing the final, cleaned, sorted result. +For every entity type of the relevant _Connector_ involved in an[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or an[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) `````` , a ```.sorted.csv``` file is generated, containing the final, cleaned, sorted result. Duplicates are kept in a separate ```.duplicates.csv``` file. @@ -327,9 +311,7 @@ Of course, any notification of a _complete__Prepare-Synchronization_ would cance ### Prepare synchronization tasks -- [ - Prepare Synchronization Task - ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) is the standard _prepare-synchronization_ task. +- [Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) is the standard _prepare-synchronization_ task. - PrepareSynchronization Change Task is used to process data source files containing changes. - PrepareSynchronization ActiveDirectory Task is specialized for Active Directory. This task handles Active Directory _incremental_ prepare-synchronization by using Active Directory _cookies_. @@ -345,11 +327,7 @@ _Synchronization_ is the last step. It loads data into the resource repository f ### Translating -Before writing to the Identity Manager's database, the _Server_ uses [ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and[ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) to translate _CSV source files_ into _Entity Model compliant_ resources and resolve association links. +Before writing to the Identity Manager's database, the _Server_ uses [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) to translate _CSV source files_ into _Entity Model compliant_ resources and resolve association links. ### Tables @@ -364,9 +342,7 @@ The _Synchronization_ step involves four tables from Identity Manager's database _Complete__synchronization_ starts with a ```.sorted.csv``` file that contains cleaned data, as in whole data, not mere changes. -_Complete synchronization_ replaces entirely the database resources. That means that all resource, for that [ -Connector -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md), that are in the database but not in the _CSV source files_ will be deleted. That means no change made to the database from outside of the connectors or the UI are persistent. +_Complete synchronization_ replaces entirely the database resources. That means that all resource, for that [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md), that are in the database but not in the _CSV source files_ will be deleted. That means no change made to the database from outside of the connectors or the UI are persistent. _Complete synchronization_ does not blindly insert data into Identity Manager database. Its aim is to update Identity Manager database to match the ```.sorted``` files received. @@ -396,9 +372,7 @@ Then, changes according to the _command_ column are applied to UR_Resources and ### Synchronization tasks -- [ - Synchronize Task - ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) is the standard _synchronization_ task. +- [Synchronize Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) is the standard _synchronization_ task. - SynchronizeChanges Task is used to handle changes together with PrepareSynchronization Change Task. - SynchronizeActive Directory Task is specialized for Active Directory. To be used with PrepareSynchronizationActiveDirectory Task. @@ -428,13 +402,7 @@ _Incremental_ mode also offers another optimization that will be described in th A introduced earlier, to mitigate the risk of data loss in the case of abnormal data source files, the _synchronization Job_ is locked if the number of changes to apply goes over a specific threshold. -Thresholds can be configured by the user in the applicative configuration and be specific to a [ -Connector -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md), an [ -Entity Type Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and/or an[ -Entity Association Mapping -](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). They are expressed as number of lines (ex: ```MaximumInsertedLines```) or as a rate (ex: ```MaxPercentageDeletedLines```). +Thresholds can be configured by the user in the applicative configuration and be specific to a [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md), an [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and/or an[Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). They are expressed as number of lines (ex: ```MaximumInsertedLines```) or as a rate (ex: ```MaxPercentageDeletedLines```). A synchronization task locked by a threshold can be unlocked by executing the Synchronization Validation task. @@ -442,9 +410,7 @@ Thresholds are ignored in _initial_ mode. The task's argument ```-force``` can be used to ignore thresholds. ---- +**---** -Next, a word about the [ -Assignment Policy -](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md). +Next, a word about the [Assignment Policy](/docs/identitymanager/6.2/integration-guide/role-model/role-model-rules/index.md). ```` diff --git a/docs/identitymanager/6.2/integration-guide/tasks-jobs/build-efficient-jobs/index.md b/docs/identitymanager/6.2/integration-guide/tasks-jobs/build-efficient-jobs/index.md index bf28658339..7aa74f01af 100644 --- a/docs/identitymanager/6.2/integration-guide/tasks-jobs/build-efficient-jobs/index.md +++ b/docs/identitymanager/6.2/integration-guide/tasks-jobs/build-efficient-jobs/index.md @@ -8,8 +8,11 @@ sidebar_position: 30 This topic shows how to build efficient jobs by minimizing their costs. -**NOTE:** The rules below must be followed when creating a new job, otherwise the frequent launch of +:::note +The rules below must be followed when creating a new job, otherwise the frequent launch of this scheduled job will trigger errors in a SaaS environment. +::: + ### Prerequisites @@ -33,7 +36,7 @@ additional information. Most jobs are included in job scaffoldings, thus configured in the most optimal way. So start by using scaffoldings to build jobs. See the -[ Jobs ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md) topic for +[Jobs](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md) topic for additional information. For example, the creation from scratch of a job to perform a complete synchronization for a @@ -56,7 +59,7 @@ additional information. ## Rule 2: Compute Only What's Necessary -Execute the tasks on the right entity types +**Execute the tasks on the right entity types** Many tasks can be executed either on all entity types, or on a given list of entity types. @@ -76,7 +79,7 @@ script in the command line.                      ``` -Launch incremental tasks rather than complete +**Launch incremental tasks rather than complete** When a task is supposed to be executed on changes only, then there is no use executing the task in complete mode. @@ -102,7 +105,7 @@ Identity Manager's tasks are all linked together by a logical chain that implies supposed to be executed after some others. Make sure to understand the tasks' logical chain to launch only the relevant tasks. See the -[ Troubleshoot Connector Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md) topic for additional information. +[Troubleshoot Connector Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md) topic for additional information. For example, there is no use computing expressions or correlations if there was beforehand no change in the database. Thus, there should not be UpdateEntityPropertyExpressionsTask or diff --git a/docs/identitymanager/6.2/integration-guide/tasks-jobs/configure-incremental-job/index.md b/docs/identitymanager/6.2/integration-guide/tasks-jobs/configure-incremental-job/index.md index 3cde183c9e..b96cefc077 100644 --- a/docs/identitymanager/6.2/integration-guide/tasks-jobs/configure-incremental-job/index.md +++ b/docs/identitymanager/6.2/integration-guide/tasks-jobs/configure-incremental-job/index.md @@ -37,7 +37,7 @@ Configure a job to be incremental by proceeding as follows: > ``` 2. Tag all changed resources by running - [ Set Recently Modified Flag Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) + [Set Recently Modified Flag Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) after SynchronizeTask. > For example, following the synchronization task for the Active Directory: diff --git a/docs/identitymanager/6.2/integration-guide/tasks-jobs/fulfillldap/index.md b/docs/identitymanager/6.2/integration-guide/tasks-jobs/fulfillldap/index.md index 5302611b76..9cc6083b7b 100644 --- a/docs/identitymanager/6.2/integration-guide/tasks-jobs/fulfillldap/index.md +++ b/docs/identitymanager/6.2/integration-guide/tasks-jobs/fulfillldap/index.md @@ -28,7 +28,7 @@ This configuration is to use the fill for the LDAP and configure the Reset Passw ## Add connection information to AD Connect -The [ LDAP ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldap/index.md) connection information define +The [LDAP](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/ldap/index.md) connection information define this section to add all information to use the AD Fulfillment. ``` @@ -38,12 +38,10 @@ appsettings.agent.json "Connections": { ... "ADFulfillment": { - "Servers": [ - { + "Servers": [{ "Server": "paris.contoso.com", "BaseDN": "DC=paris,DC=com" - } - ], + }], "AuthType": "Basic", "Login": "CN=exampleCn,DC=exampleDc1,DC=exampleDc2", "Password": "Password", @@ -54,7 +52,7 @@ appsettings.agent.json ``` After defining this settings, encrypt this JSON file with -[ Usercube-Protect-X509JsonFile ](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md). +[Usercube-Protect-X509JsonFile](/docs/identitymanager/6.2/integration-guide/executables/references/protect-x509jsonfile/index.md). ## Configure The FulfillTask diff --git a/docs/identitymanager/6.2/integration-guide/tasks-jobs/index.md b/docs/identitymanager/6.2/integration-guide/tasks-jobs/index.md index 6a5ffb0de2..7d905879f3 100644 --- a/docs/identitymanager/6.2/integration-guide/tasks-jobs/index.md +++ b/docs/identitymanager/6.2/integration-guide/tasks-jobs/index.md @@ -11,9 +11,9 @@ actions, and jobs to orchestrate the tasks together. See the [Tasks](/docs/identitymanager/6.2/integration-guide/tasks-jobs/tasks/index.md) topic for additional information. -See the [ Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) topic for additional information. +See the [Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) topic for additional information. -See the [ Tasks ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) topic for additional +See the [Tasks](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) topic for additional information. Make sure to read how to [Build Efficient Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/build-efficient-jobs/index.md). @@ -31,7 +31,7 @@ each one materialized into a building block of your Identity Manager solution. E serves a specific and well delimited IGA function. These building blocks are called [Tasks](/docs/identitymanager/6.2/integration-guide/tasks-jobs/tasks/index.md), and can be easily organized together and -scheduled in [ Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md). +scheduled in [Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md). This approach makes for a perfectly customizable product. It also tremendously helps our users to ease into Identity Manager by allowing them to understand it piece by piece. diff --git a/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobdaily/index.md b/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobdaily/index.md index 9c6e5a309a..6cf69bc903 100644 --- a/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobdaily/index.md +++ b/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobdaily/index.md @@ -25,14 +25,14 @@ In the following example the Synchronization job for the Connector "AD" will be ``` - +**** ``` ### 2. Create the Export task If a pre-treatment is needed, you must create an -[ Export Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md). Otherwise +[Export Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md). Otherwise it is unnecessary. Choose the Export task corresponding to the connector. If the Export uses the incremental mode, set IgnoreCookieFile to true. @@ -51,7 +51,7 @@ Example : Create the Prepare Synchronization Task with the connector. Set `SynchronizationMode="Complete"` , except for -[ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +[Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) which doesn't need this parameter. If it is a Synchronization Changes, or ActiveDirectory, you must precise it with the `Type` attribute. @@ -67,7 +67,7 @@ Example : ``` See the -[ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +[Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) for additional information on the PrepareSynchronization task configuration. ### 4. Create the Synchronization task @@ -87,10 +87,10 @@ Example : ``` The Synchronization Validation Task is not needed , since it is managed by the -[ Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) state machine. +[Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) state machine. For more information on Synchronization task configuration : -[ Synchronize Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) +[Synchronize Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) ### 5. Create the UpdateEntityPropertyExpressions task @@ -117,12 +117,12 @@ Example : ``` - +** ** ``` For more information about the ComputeCorrelationKey task configuration: -[ Compute Correlation Keys Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) +[Compute Correlation Keys Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) ### 7. Create the ComputeRoleModel task @@ -141,7 +141,7 @@ The TaskEntityType elements correspond to the sourceEntityTypes in the TargetEntityTypes that are part of the connector to provide. For more information on Compute Role Model task configuration: -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) ### 8. Create the GenerateProvisioningOrder task @@ -182,7 +182,7 @@ fulfillment must be not launch in the job. ### 10. Create the UpdateClassification task Create the Update Classification Task. The resource Classification is needed if one or more -[ Resource Classification Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) +[Resource Classification Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) are configured for the connector. ``` @@ -192,7 +192,7 @@ are configured for the connector. ``` For more information on Update Classification Task : -[ Update Classification Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) +[Update Classification Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) ### 11. Create the SetInternalUserProfiles task @@ -211,7 +211,7 @@ becomes useless. ``` For more information on SetInternalUserProfiles Task configuration : -[ Set Internal User Profiles Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +[Set Internal User Profiles Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) ### 12. Create the all-tasks job @@ -226,4 +226,4 @@ Once the tasks created. You must create the job to launch all tasks. The job can be scheduled with the `CrontabExpression` attribute For more information on job configuration : -[ Job ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) +[Job](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobfast/index.md b/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobfast/index.md index f47ec170ee..cc29b77478 100644 --- a/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobfast/index.md +++ b/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobfast/index.md @@ -23,14 +23,14 @@ In the following example the Synchronization job for the Connector "AD" will be ``` - +**** ``` ### 2. Create the Export task If a pre-treatment is needed, you must create an -[ Export Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md). Otherwise +[Export Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md). Otherwise it is unnecessary. Choose the Export task corresponding to the connector. All Export task have the ContinueOnError property. It is advisable to begin with the value of True @@ -48,7 +48,7 @@ Example : Create the PrepareSynchronizationTask with the connector. Set `SynchronizationMode="Incremental"` , except for -[ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +[Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) which doesn't need this parameter and LDAP connector who need complete mode. If the job contain Exports for the same connector add the a link between the Prepare Synchronization @@ -63,18 +63,18 @@ Example : ``` For more information on PrepareSynchronization task configuration : -[ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +[Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) ### 4. Create the Synchronization task Create the SynchronizeTask corresponding to the Prepare Synchronization Task. If the Prepare Synchronization Task is a -[ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md), +[Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md), then choose the -[ Synchronize Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md), +[Synchronize Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md), else if it is Prepare Synchronization Active Directory Task choose Synchronization ADDir Sync, else choose -[ Synchronize Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md). +[Synchronize Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md). In Incremental mode, you must set the attribute `DoNotDeleteChanges="true"` @@ -91,10 +91,10 @@ Example : ``` The Synchronization Validation Task is not needed , since it is managed by the -[ Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md). +[Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md). For more information on Synchronization task configuration : -[ Synchronize Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) +[Synchronize Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) ### 5. Create the SetRecentlyModifiedFlag task @@ -110,7 +110,7 @@ in the database. ``` For more information on SetRecentlyModifiedFlag Task : -[ Set Recently Modified Flag Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) +[Set Recently Modified Flag Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) ### 6. Create the UpdateEntityPropertyExpressions task @@ -129,7 +129,7 @@ Example : ``` For more information on UpdateEntityPropertyExpressions Task configuration : -[ Update Entity Property Expressions Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) +[Update Entity Property Expressions Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) ### 7. Create the ComputeCorrelationKey task @@ -148,7 +148,7 @@ Example : ``` For more information about the Compute Role Model correlation keys task configuration: -[ Compute Correlation Keys Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) +[Compute Correlation Keys Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) ### 8. Create the ComputeRoleModel task @@ -171,7 +171,7 @@ The TaskEntityType elements correspond to the sourceEntityTypes in the TargetEntityTypes that are part of the connector to provide. For more information on Compute Role Model task configuration: -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) ### 9. Create the GenerateProvisioningOrder task @@ -210,7 +210,7 @@ fulfillment must be not launch in the job. ### 11. Create the UpdateClassification task Create the Update Classification Task. The resource Classification is needed if one or more -[ Resource Classification Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) +[Resource Classification Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) are configured for the connector. Set the attribute Dirty : `Dirty="true"`. Since dirty mode is enabled, a dependency is only needed to run the expression computation if the @@ -223,7 +223,7 @@ Task SetRecentlyModifiedFlag has been started. ``` For more information on Update Classification Task : -[ Update Classification Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) +[Update Classification Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) ### 12. Create the SetInternalUserProfiles task @@ -242,7 +242,7 @@ becomes useless. ``` For more information on SetInternalUserProfiles Task configuration : -[ Set Internal User Profiles Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +[Set Internal User Profiles Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) ### 13. Create the all-tasks job @@ -258,4 +258,4 @@ Agent="Local"> For example, Identity Manager's tasks include synchronization, computation of entitlement > assignments, or provisioning of varied managed systems. See the list of all available -> [ Tasks ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md). +> [Tasks](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md). ## Data Consistency diff --git a/docs/identitymanager/6.2/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md b/docs/identitymanager/6.2/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md index 1a94f941e6..a24b102a2d 100644 --- a/docs/identitymanager/6.2/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md +++ b/docs/identitymanager/6.2/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md @@ -27,7 +27,7 @@ In order to spot what was exported or not for the next incremental export, cooki in `Temp/ExportCookies`. See the -[ Usercube-Export-Configuration ](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) topic for additional information. ### Prepare synchronization @@ -42,7 +42,7 @@ is prepared for synchronization. The output is stored in `Work/Collect`, and sent to the server to queue in `Work/Synchronization`. See the -[ Usercube-Export-Configuration ](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) topic for additional information on how to prepare the synchronization executable `Usercube-Prepare-Synchronization`. @@ -64,7 +64,7 @@ The output is stored in `UR_ResourceChanges`. #### Synchronization: finalize When at least one synchronization -[ Thresholds ](/docs/identitymanager/6.2/integration-guide/synchronization/synchro-thresholds/index.md) is exceeded, the change list +[Thresholds](/docs/identitymanager/6.2/integration-guide/synchronization/synchro-thresholds/index.md) is exceeded, the change list can be seen in the **Synchronization Changes** tab, accessible from the job progress screen. When the synchronization thresholds are not exceeded, or they are bypassed, the potential diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/adjust-scaffoldings/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/adjust-scaffoldings/index.md index 24bd0e7fd4..8ad83172c3 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/adjust-scaffoldings/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/adjust-scaffoldings/index.md @@ -31,7 +31,7 @@ and as a last resort, when no scaffolding meets the needs, writing the configura Adjust XML configuration generated by a scaffolding by proceeding as follows: 1. When working via the UI, start by exporting UI configuration elements. See the - [ Usercube-Export-Configuration ](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) + [Usercube-Export-Configuration](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) topic for additional information. 2. Write an XML element whose identifier is the same as the one generated by the scaffolding. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/deploy-configuration/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/deploy-configuration/index.md index 9f1e5808a0..87f2f4c0fd 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/deploy-configuration/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/deploy-configuration/index.md @@ -36,7 +36,7 @@ executable and declaring at least: Deploy a SaaS XML configuration by proceeding as follows: 1. Log in for configuration deployment/export with the - [ Usercube-Login ](/docs/identitymanager/6.2/integration-guide/executables/references/login/index.md) executable. + [Usercube-Login](/docs/identitymanager/6.2/integration-guide/executables/references/login/index.md) executable. Identity Manager provides an OpenID Connect (OIDC) authentication process in order to ensure strong security, visibility and ease of use. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/export-configuration/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/export-configuration/index.md index 47c5ca0b3f..592cebd977 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/export-configuration/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/export-configuration/index.md @@ -16,13 +16,13 @@ The process for configuration export varies according to the situation: - when working SaaS, the configuration must be exported remotely; See the -[ Usercube-Export-Configuration ](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) topic for additional information. ## Export the Configuration Locally Export your configuration by using the -[ Usercube-Export-Configuration ](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) executable and declaring at least: - the directory where the configuration is to be exported to; @@ -39,7 +39,7 @@ executable and declaring at least: Export a SaaS configuration by proceeding as follows: 1. Log in for configuration deployment/export with the - [ Usercube-Login ](/docs/identitymanager/6.2/integration-guide/executables/references/login/index.md) executable. + [Usercube-Login](/docs/identitymanager/6.2/integration-guide/executables/references/login/index.md) executable. Identity Manager provides an OpenID Connect (OIDC) authentication process in order to ensure strong security, visibility and ease of use. @@ -98,7 +98,7 @@ Export a SaaS configuration by proceeding as follows: Manager instance, to allow the configuration deployment/export. 4. Export the configuration by using the - [ Usercube-Export-Configuration ](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) + [Usercube-Export-Configuration](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) and declaring at least: - the configuration directory; diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/expressions/csharp-utility-functions/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/expressions/csharp-utility-functions/index.md index 4e2e284ba6..6becde8b22 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/expressions/csharp-utility-functions/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/expressions/csharp-utility-functions/index.md @@ -32,7 +32,7 @@ string? BuildUsername(string? firstName, string? lastName, string? separator, st ``` The iteration argument is usually used with the help of -[ Build Unique Value Aspect ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md). +[Build Unique Value Aspect](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md). If the iteration number is greater than 0, it is inserted after the last name. ### Example of use in a BuildUniqueValue aspect: @@ -60,7 +60,7 @@ string? BuildUsernameWithInitials(string? firstName, string? lastName, string? s The `maxLength` argument limits the length of the username. The iteration argument is usually used with the help of -[ Build Unique Value Aspect ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md). +[Build Unique Value Aspect](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md). If it is greater than 0, we use several letters of the first name avoiding as much as possible to insert a number in the built username. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md index 6c7ac18d4b..177c8b833a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md @@ -14,7 +14,7 @@ attributes. In Identity Manager's XML configuration, some attributes are defined with expressions. Expression attributes do not take a plain string value, but rather an expression that computes a value based on a given input. See the -[ Entity Property Expression ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) and +[Entity Property Expression](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) and [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topics for additional information. @@ -24,8 +24,11 @@ The expression can either be provided as a built-in function or as a full-fledge the list of available C# utility functions and functions predefined by Identity Manager. See the [Predefined functions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/predefined-functions/index.md) topic for additional information. -**NOTE:** When changing the value of a property that is part of some expressions in the +:::note +When changing the value of a property that is part of some expressions in the configuration, do not expect to see all expressions recomputed right away. +::: + In order to ensure the recomputation of all expressions based on the recent change, wait for the next run of Update Expressions in the complete job or through the corresponding connector's overview @@ -172,14 +175,14 @@ C#:resource:logger.LogDebug("Name={0}", resource.Name); return resource.Name; The following .NET libraries from the white list can be used. -Authorized Namespaces +**Authorized Namespaces** Every class and function from the following namespaces is allowed: - `System.Linq` - `System.Text.RegularExpressions` -Authorized Classes +**Authorized Classes** Beyond the authorized namespaces, the following classes can be used: @@ -197,7 +200,7 @@ Beyond the authorized namespaces, the following classes can be used: - `System.Int32` - `System.Random` -Authorized Methods +**Authorized Methods** Beyond the authorized classes, the following methods can be used: @@ -304,7 +307,7 @@ Literal expressions are not available for QueryRuleTargetExpression attribute, o SourceExpression. Literal expressions are not available for rules targeting a DateTime or Binary property. -Example +**Example** Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/expressions/predefined-functions/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/expressions/predefined-functions/index.md index 59e7488657..42bcc4aa16 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/expressions/predefined-functions/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/expressions/predefined-functions/index.md @@ -8,12 +8,12 @@ sidebar_position: 20 Identity Manager provides a set of predefined functions that simplify the configuration of entity property expressions and scalar rules. See the -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and[Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topics for additional information. Unlike C# expressions, Identity Manager's predefined functions do not need any prefix. They can be -used as such. See the [ C# utility functions ](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/csharp-utility-functions/index.md) topic for +used as such. See the [C# utility functions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/csharp-utility-functions/index.md) topic for additional information. ### Examples diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/file-hierarchy/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/file-hierarchy/index.md index 3e3195ea3f..1d52427698 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/file-hierarchy/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/file-hierarchy/index.md @@ -17,7 +17,7 @@ Element `` is the root element of each configuration file. ``` Each configuration element matches to an entry in the database. Detailed description of the element -can be found in the Data model. See the [ XML Configuration Schema ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/index.md) +can be found in the Data model. See the [XML Configuration Schema](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/index.md) topic for additional information. For example, the structure of the `` element can be found in the diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/index.md index ef230fc90a..26a2275c43 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/index.md @@ -7,16 +7,16 @@ sidebar_position: 210 # Toolkit for XML Configuration The Netwrix Identity Manager (formerly Usercube) configuration is a set of XML files edited -according the Usercube schema. The [ Recommendations ](/docs/identitymanager/6.2/integration-guide/toolkit/recommendations/index.md) part of this +according the Usercube schema. The [Recommendations](/docs/identitymanager/6.2/integration-guide/toolkit/recommendations/index.md) part of this section explains how to set up an editing environment for the configuration. Regardless of the editing space, the configuration persists in the Netwrix Identity Manager (formerly Usercube) database. It's this stored configuration that is used at runtime. The -[ Deploy Configuration Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) +[Deploy Configuration Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) tool is used to **import** a new version of the configuration (from the XML files set). -The[ Usercube-Export-Configuration ](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) can be +The[Usercube-Export-Configuration](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) can be used to **export** the current configuration (to a XML files set). The Identity Manager project's integration cycle consists in developing a configuration by diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/languages/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/languages/index.md index ada4903340..ae45db6576 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/languages/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/languages/index.md @@ -8,7 +8,7 @@ sidebar_position: 50 Some configuration string must be specified in multiple languages. For this, the name of the corresponding XML attribute is suffixed by `_L1`, `_L2`,... `_L8`. For example, the property -_DisplayName_ of an [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) can be +_DisplayName_ of an [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) can be specified in English and French: ``` @@ -18,12 +18,12 @@ specified in English and French: ``` -Languages list must be specified by [ Language ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/language/index.md) +Languages list must be specified by [Language](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/language/index.md) elements. ``` - +** ** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md index 0509ac4410..ec3177c278 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md @@ -67,6 +67,6 @@ The following table shows the decimal - base32hex equivalent for the first 127 n For example, dimensions are identified by a number going from 0 to 127 in decimal representation and 0 to 3V in base32hex representation. -The [ Context Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) support _128_ dimension +The [Context Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) support _128_ dimension parameters going from `B0` to `B3V` using the **base32hex**`0` to `3V` numbers to identify a dimension. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/recommendations/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/recommendations/index.md index 706b049126..f238cb183b 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/recommendations/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/recommendations/index.md @@ -44,12 +44,10 @@ Configure auto-completion by proceeding as follows: ``` "settings": { - "xml.fileAssociations": [ - { + "xml.fileAssociations": [{ "systemId": "file:///C:/identitymanagerDemo/identitymanager-configuration.xsd", "pattern": "**/*.xml" - } - ] + }] } ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/reservedidentifiers/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/reservedidentifiers/index.md index 68d20524fa..8ae6ba24b2 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/reservedidentifiers/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/reservedidentifiers/index.md @@ -6,8 +6,8 @@ sidebar_position: 60 # Reserved identifiers -Identifiers of [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)cannot be one of the following +Identifiers of [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)cannot be one of the following words: These words can't be written in any case, example: id, Id, iD and ID are forbidden. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md index 27135711ce..c361e873cc 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md @@ -15,9 +15,9 @@ attributes of entitlements owner. | Property | Details | | ----------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Campaign required | **Type** Int64 **Description** The associated campaign. | -| D0 optional | **Type** Int64 **Description** Identifier of the dimension 0 (up to 3V in the [ Base32 Parameter Names ](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)) that filters the owners targeted by the access certification campaign. | +| D0 optional | **Type** Int64 **Description** Identifier of the dimension 0 (up to 3V in the [Base32 Parameter Names](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)) that filters the owners targeted by the access certification campaign. | | IndividualOwner optional | **Type** Int64 **Description** If set, filters on the owner. | -| L0 default value: false | **Type** Boolean **Description** `true` to include all the hierarchy beneath the dimension 0. **Note:** this setting can be used only if the corresponding [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) was declared with `IsHierarchical` set to `true` and with a `ParentProperty`. | +| L0 default value: false | **Type** Boolean **Description** `true` to include all the hierarchy beneath the dimension 0. **Note:** this setting can be used only if the corresponding [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) was declared with `IsHierarchical` set to `true` and with a `ParentProperty`. | | MinimalRiskScore optional | **Type** Int32 **Description** If set, filters only owners above given risk. | | OwnerLastModificationDate optional | **Type** DateTime **Description** Date such that the identities to be certified will be those for which the value of the `OwnerLastModificationDateBinding` property was modified since then. **Note:** must be set together with `OwnerLastModificationDateBinding`. | | OwnerLastModificationDateBinding optional | **Type** Int64 **Description** Binding of the property whose owner will be part of the campaign's targets, if the property's value was modified since `OwnerLastModificationDate`. **Note:** must be set together with `OwnerLastModificationDate`. **Note:** the properties calculated by Identity Manager cannot be used. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/index.md index a856b37f7e..cdc1f468c9 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/index.md @@ -6,6 +6,6 @@ sidebar_position: 110 # Access Certification -- [ AccessCertificationCampaignPolicy ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationcampaignpolicy/index.md) -- [ AccessCertificationDataFilter ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationdatafilter/index.md) -- [ AccessCertificationOwnerFilter ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md) +- [AccessCertificationCampaignPolicy](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationcampaignpolicy/index.md) +- [AccessCertificationDataFilter](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationdatafilter/index.md) +- [AccessCertificationOwnerFilter](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md index ed3f7522ed..56467811ac 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md @@ -37,9 +37,12 @@ AccessControlEntry grants or denies a permission to a user. Access Control Entri Access Control Rule that defines the users scope of responsibility in the Identity Manager UI/Workflows. -**NOTE:** If your configuration contains an access control entry with `Permission="/"` and +:::note +If your configuration contains an access control entry with `Permission="/"` and `CanExecute="true"` then an error will occur during the configuration deployment, as a profile should not possess such a big permission. +::: + ### Properties @@ -60,8 +63,11 @@ An access control filter restricts the application of the access control rule to the data set. The rule will give the specified permissions to the profile only on the parts of the rule's data set for which the filter's condition is met. -_Remember,_ the ViewHistory permission (/Custom/Resources/Entity_Type/ViewHistory) does not work if +:::tip +Remember, the ViewHistory permission (/Custom/Resources/Entity_Type/ViewHistory) does not work if a filter is added. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -81,7 +87,7 @@ This condition is actually a comparison expression between two elements: ### Examples -Filter on a constant value +**Filter on a constant value** The following example gives to the `Administrator` profile certain permissions on user data, but only concerning users working in the marketing department. @@ -101,7 +107,7 @@ script in the command line. Technically speaking, the filter here says that the rule's permissions apply only on users from `Directory_User` whose `Code` of `MainOrganization` is `Marketing`. -Filter on the account of the current user +**Filter on the account of the current user** The following example gives to the `Manager` profile certain permissions on user data, but only concerning users from the team managed by the current user. @@ -170,7 +176,7 @@ Technically speaking, the filter here says that the rule's permissions apply onl single roles whose `Id` of the `Category` of the `SingleRole` is the same identifier as the value set for the `Category` property of the current user, in at least one of their assigned profiles. -Multiple filters +**Multiple filters** The following example gives to the `RoleOfficerByCategory` profile the permission to review the roles of users from `Directory_User`, but only the roles of a category assigned to the current user, @@ -203,11 +209,11 @@ single roles: | ---------------------------------- | --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Binding required | Int64 | Binding of the property whose value is to be checked to restrict the application of the rule's permissions. **NOTE:** The binding must be based on the entity type defined in the access control rule. | | Category default value: false | Boolean | True to compare the value specified by the binding to the categories of the current user's assigned profiles. | -| CompositeRole default value: false | Boolean | True to compare the value specified by the binding to the composite roles of the current user's assigned profiles. See the [ Assigned Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | +| CompositeRole default value: false | Boolean | True to compare the value specified by the binding to the composite roles of the current user's assigned profiles. See the [Assigned Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | | CurrentUser default value: false | Boolean | True to compare the value specified by the binding to the identifier of the account used by the current user to authenticate to Identity Manager. **NOTE:** The current user is the owner of the profile, allowed by the access control rule to perform an action and/or receive a notification. `CurrentUser` is tightly linked to the configuration of the `SelectUserByIdentityQueryHandlerSetting`. | -| Dimension optional | Int64 | Identifier of the dimension whose value(s), from the user's assigned profiles, are to be compared to the value specified by the binding. See [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and [ Assigned Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topics for additional information. | +| Dimension optional | Int64 | Identifier of the dimension whose value(s), from the user's assigned profiles, are to be compared to the value specified by the binding. See [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and [Assigned Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topics for additional information. | | Group optional | String | Group that the filter is part of. The access control rule filters the permissions by using the union (OR) of all filter groups, and the intersection (AND) of all filters within a group. **NOTE:** When not specified, the filter is part of the default group. | | Operator default value: 0 | AccessControlFilterOperator | Comparison operator. 0 - Equals. 1 - NotEquals. | -| ResourceType default value: false | Boolean | True to compare the value specified by the binding to the resource types of the current user's assigned profiles. See the [ Assigned Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | -| SingleRole default value: false | Boolean | True to compare the value specified by the binding to the single roles of the current user's assigned profiles. See the [ Assigned Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | +| ResourceType default value: false | Boolean | True to compare the value specified by the binding to the resource types of the current user's assigned profiles. See the [Assigned Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | +| SingleRole default value: false | Boolean | True to compare the value specified by the binding to the single roles of the current user's assigned profiles. See the [Assigned Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | | Value optional | String | Hard coded value to be compared to the value specified by the binding. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/index.md index 40a7b8a0b7..2424155fb2 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/index.md @@ -6,11 +6,11 @@ sidebar_position: 10 # Access Control -- [ AccessControlPermission ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) -- [ AccessControlPropertyGroup ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpropertygroup/index.md) +- [AccessControlPermission](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) +- [AccessControlPropertyGroup](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpropertygroup/index.md) - [Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) -- [ Assigned Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) -- [ OpenIdClient ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) -- [ Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) -- [ Profile Context ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md) +- [Assigned Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) +- [OpenIdClient](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) +- [Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) +- [Profile Context](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md) - [Profile Rule Context](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md index f0412a0483..4c52e8882b 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md @@ -16,7 +16,7 @@ The secret must be strong enough to protect access to the API. The good practice is generating a random secret, for example a 32 characters string, from a tool like KeePass. Each clientId must have it's own secret. The tool -[ Usercube-New-OpenIDSecret ](/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md) can be +[Usercube-New-OpenIDSecret](/docs/identitymanager/6.2/integration-guide/executables/references/new-openidsecret/index.md) can be used to generate secrets and their hashes. Each clientId must have a scope of responsibility. The _Profile_ and _ContextId_ properties assign a @@ -28,7 +28,7 @@ The following code declares a clientId with the Administrator profile. ``` - +**** ```` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md index da3565312b..0bb5ebb7dc 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profile/index.md @@ -13,7 +13,7 @@ Control Rule and Profile Rule to describe who can do what. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md index 125804d406..2b3569934d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md @@ -19,7 +19,7 @@ lower or equal to -2. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md index c4503ba4d3..1e3a64af2a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md @@ -44,7 +44,7 @@ script in the command line. | Property | Type | Description | | ----------------------------- | ------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| B0 optional | Int64 | Represents the first dimension binding definition. The 127 other dimension bindings can be referred to by 127 more parameters from B1 to B3V following the base32hex convention. See the [ Base32 Parameter Names ](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | +| B0 optional | Int64 | Represents the first dimension binding definition. The 127 other dimension bindings can be referred to by 127 more parameters from B1 to B3V following the base32hex convention. See the [Base32 Parameter Names](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | | IsDenied default value: false | Boolean | Profile denied to the user when matched. | | Profile required | Int64 | Identifier of the profile rule. | | RootExpression optional | String | C# expression to apply on the source entity type of the context resource type. See the [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) topic for additional information. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/index.md index 7039036033..c6a3e1ae36 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/index.md @@ -6,4 +6,4 @@ sidebar_position: 120 # Business Intelligence -- [ Universe ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) +- [Universe](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md index e6c06f86ed..67cb045d6d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md @@ -18,7 +18,7 @@ The following example builds a universe called `Universe1`: ``` - +**** @@ -62,7 +62,7 @@ we see the following: ## Child Element: Association Instance An association instance represents, within a Universe , the occurrence in the model of an -[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). ### Properties @@ -76,7 +76,7 @@ An association instance represents, within a Universe , the occurrence in the mo ## Child Element: Entity Instance An entity instance represents, within a Universe , the occurrence in the model of an -[ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). ### Properties diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md index 14cefdd080..aaa7463fcd 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md index 63c98883dd..dab501c8ea 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md @@ -6,6 +6,6 @@ sidebar_position: 10 # Access Reviews -- [ Access Review Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) +- [Access Review Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) Generates the permissions to administrate campaign creation. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md index 111e50baa9..3068e1b7cf 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md @@ -13,7 +13,7 @@ resource types, and launch generate provisioning orders and fulfillment from the ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md index 62de467c57..322ed909a6 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md @@ -6,12 +6,12 @@ sidebar_position: 20 # Connectors -- [ Connector Resource Type Access Control ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md) +- [Connector Resource Type Access Control](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md) Gives the rights to create and update resource types, generate provisioning orders and fulfill from the connector screen. -- [ Settings Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md) +- [Settings Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md) Generates the permissions to configure the Workforce Core Solution module and connector settings. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md index b3bd0def9b..d46bfc12be 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates the permissions to configure the Workforce Core Solution module and co ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/index.md index 287efd7c5f..9b71440833 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/index.md @@ -8,14 +8,14 @@ sidebar_position: 10 Scaffoldings for access control give some permissions, by allowing the corresponding API calls. -- [ Access Reviews ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md) -- [ Connectors ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md) -- [ Jobs ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md) -- [ Monitoring ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md) -- [ Profiles ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) -- [ Queries ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md) -- [ Resources ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md) +- [Access Reviews](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md) +- [Connectors](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md) +- [Jobs](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md) +- [Monitoring](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md) +- [Profiles](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) +- [Queries](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md) +- [Resources](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md) - [Role Models](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md) -- [ Simulations ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md) -- [ User Interfaces ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md) -- [ Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md) +- [Simulations](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md) +- [User Interfaces](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md) +- [Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md index 95575cf429..8925c5de39 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md @@ -20,7 +20,7 @@ The entity instances generated by the scaffolding will have: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md index 2ac469821a..387a004a70 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md @@ -6,65 +6,65 @@ sidebar_position: 30 # Jobs -- [ GetJobLogAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md) +- [GetJobLogAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md) Generates the permissions to read task and job instances logs in UI for a given profile. -- [ JobAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md) +- [JobAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md) Scaffolding to access the job administration page. -- [ JobTaskAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobtaskadministrationaccesscontrolrules/index.md) +- [JobTaskAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobtaskadministrationaccesscontrolrules/index.md) Generates all permissions for JobStep entity. -- [ PendingAssignedResourceTypesAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md) +- [PendingAssignedResourceTypesAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md) Generates the access control rules which give to a profile the permissions to call the API Pending AssignedResourceTypes. -- [ ProvisioningAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md) +- [ProvisioningAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md) Generates the execution rights for Provisioning and Fulfillment tasks for a given profile. -- [ ResourceChangesViewAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md) +- [ResourceChangesViewAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md) Generates the access control rules which gives to a profile the permissions to call the API ResourceChange, ResourceFileChange and ResourceLinkChange. -- [ ResourceTypeMappingControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md) +- [ResourceTypeMappingControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md) Generate rights to launch agent fulfillment. -- [ RunJobAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md) +- [RunJobAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md) Generates the permissions to launch jobs from UI for a given profile. -- [ RunJobNotificationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md) +- [RunJobNotificationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md) Generates access control to send notification when job finish with an error state. -- [ RunJobRepairAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md) +- [RunJobRepairAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md) Generates the permissions to launch from UI jobs that are in state blocked after a Provisioning or a synchronization for a given profile. -- [ RunJobRepairNotificationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md) +- [RunJobRepairNotificationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md) Generates access control to send notification when a relaunch job finish with an error state. -- [ SynchronizationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) +- [SynchronizationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) Generates rights to launch synchronization task. -- [ TaskAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md) +- [TaskAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md) Generates all rights to have the access to job administration page. -- [ TaskInstanceAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskinstanceadministrationaccesscontrolrules/index.md) +- [TaskInstanceAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskinstanceadministrationaccesscontrolrules/index.md) Generates access control to update the task instances. -- [ WorkflowFulfillmentControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md) +- [WorkflowFulfillmentControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md) Generates the execution rights to launch Fulfillment workflow for a given profile. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md index c455df6c1c..0ce956ba8c 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md @@ -15,7 +15,7 @@ part in dashboard of the user interface. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md index 224587f5a0..d48c241d9c 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md @@ -13,7 +13,7 @@ AssignedResourceTypes. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md index bea3c756b4..4961b77f73 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md @@ -20,7 +20,7 @@ The entity instances generated by the scaffolding will have: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md index 6d4e2bbc41..db0a1531ed 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md @@ -16,7 +16,7 @@ retrieved by these APIs. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md index 359a918ca3..d8d02bcbc7 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md @@ -14,7 +14,7 @@ MicrosoftEntraID...). This right corresponds to the permission to use ResourceTy ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md index a3839046d2..c357717cb3 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md @@ -13,7 +13,7 @@ synchronization for a given profile. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md index cfba393eaa..e7fdc3d593 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates access control to send notification when job finish with an error stat ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md index 8c0716981f..1de24735a7 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates the rights to read task and job instances logs in UI for a given profi ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md index a198ba19dc..614c07e5d1 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates access control to send notification when a relaunch job finish with an ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md index 925f750a5f..cd7eb66c1c 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md @@ -13,7 +13,7 @@ profile. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md index 453d53d291..1018ac4b2c 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates all rights to have the access to job administration page. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md index 16a3134423..432a0af35a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md @@ -12,7 +12,7 @@ Generates the execution rights to launch Fulfillment workflow for a given profil ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md index 6b1012ea88..7ccab642e8 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md @@ -6,7 +6,7 @@ sidebar_position: 40 # Monitoring -- [ MonitoringAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md) +- [MonitoringAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md) Generates the access control rule which gives to a profile the permission to query the monitoring screen. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md index 277585db1a..fd85c59e1e 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md @@ -13,7 +13,7 @@ screen. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md index d31cc0a784..9d0eff4847 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md @@ -18,7 +18,7 @@ query assigned profiles. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md index 58157c0b75..9c668f3770 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md @@ -6,11 +6,11 @@ sidebar_position: 50 # Profiles -- [ Assign Profile Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md) +- [Assign Profile Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md) Gives to a given profile the rights to create, update, delete and query any assigned profile. -- [ OpenId Client Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/openidclientadministrationaccesscontrolrules/index.md) -- [ Profile Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md) +- [OpenId Client Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/openidclientadministrationaccesscontrolrules/index.md) +- [Profile Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md) Gives to a given profile the rights to create, update and delete profiles. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md index 49669de548..e5fb01efe0 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md @@ -23,7 +23,7 @@ profiles. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md index 29f816d489..a9372ca81d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md @@ -6,20 +6,20 @@ sidebar_position: 60 # Queries -- [ Manage Setting Access Control Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md) +- [Manage Setting Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md) Generates the access control rule which gives to a profile the permission to query, create, update and delete settings from the UM_Settings table. -- [ Report Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md) +- [Report Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md) Generates the permissions to access the report view. -- [ Target Resource Report Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md) +- [Target Resource Report Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md) Generates the permissions to apply a report for a profile on a given entity. -- [ Universe Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md) +- [Universe Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md) Generates an access control rule which gives a profile the permission to access the query page and run queries. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md index a89de7d466..bebe7aa367 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the navigation to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md index 246a24863d..c92bcf985c 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md @@ -10,13 +10,13 @@ Generates the right to apply a report for a profile on a given entity. The existence of a report for this entity must exist in order to use this scaffolding. A scaffolding allows to generate a default report for an entity: -[ Target Resource Report Menus ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) +[Target Resource Report Menus](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md index ed5fafa687..3bbb0f4f0e 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md @@ -15,7 +15,7 @@ The following example gives the permission to access the query page to the admin ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md index d0987f5edd..aa026c0861 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md @@ -13,7 +13,7 @@ modified incrementally ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md index 637e4650ee..ebf7d7b75b 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md @@ -6,25 +6,25 @@ sidebar_position: 70 # Resources -- [ Create Resource Incremental Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md) +- [Create Resource Incremental Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md) Generates the access control rule which gives to a profile the permission to query the resources modified incrementally. -- [ Resource Api Administration ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md) +- [Resource Api Administration](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md) Generates the permissions to create/update/delete/query resources from a given entity type, for a given profile. -- [ Resource Picker Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md) +- [Resource Picker Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md) Creates the reading right of the resource picker. -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) Generates the permissions to view an entity type's resources. -- [ View History Resource Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md) +- [View History Resource Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md) Generates an access control rule giving to the specified profile the permission to browse the resources history of the specified entity type. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md index e488b78d50..fe5d20380d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md @@ -16,7 +16,7 @@ query resources from `Directory_User`. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md index 5f40fe2811..2b3514f1b2 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md @@ -12,7 +12,7 @@ Creates the reading right of the resource picker. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md index c6bb7b82e5..1c2dd9f7d1 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md @@ -15,7 +15,7 @@ displays the resources of the `Directory_UserType` entity type, as well as its s ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md index d7ac91336c..e273a7b232 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md @@ -13,7 +13,7 @@ resources history of the specified entity type. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md index 566f10edaf..a6ec1923d5 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md @@ -13,7 +13,7 @@ basket. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md index 2c6b59fcaf..e99f59f7c2 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md @@ -11,13 +11,13 @@ review of multiple manual provisioning items for the `Directory_User` entity typ ``` - +**** ``` The scaffolding generates the following scaffoldings: -- [ Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md): +- [Perform Manual Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md): Generates the permissions to access the manual provisioning pages for a given entity type and profile. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md index 1492f3d041..9786e9ec27 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md @@ -20,7 +20,7 @@ The scaffolding generates the following scaffoldings: - ReconciliateResourcesAccessControlRules: Generates the permissions to access the resource reconciliation pages for a given entity type and profile. See the - [ Reconciliate Resources Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) + [Reconciliate Resources Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) topic for additional information. ## Properties diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md index 126c9b0987..6183c70d66 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md @@ -11,13 +11,13 @@ review of multiple errored provisioning orders for the `Directory_User` entity t ``` - +**** ``` The scaffolding generates the following scaffoldings: -- [ Review Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md): +- [Review Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md): Generates the permissions to access the provisioning review pages for a given entity type and profile. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md index 008c359886..ab50136094 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md @@ -10,7 +10,7 @@ Generates the permissions to perform bulk validations on the **Role Reconciliati The scaffolding generates the following scaffoldings: -- [ Reconciliate Roles Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): +- [Reconciliate Roles Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): Generates the permissions to access the role reconciliation pages for a given entity type and profile. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md index 4a974debe7..bb7fc6e527 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md @@ -6,12 +6,12 @@ sidebar_position: 80 # Role Models -- [ Basket Rules Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md) +- [Basket Rules Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md) Generates the permissions to execute the different requests to display the information in the rights basket. -- [ Bulk Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md) +- [Bulk Perform Manual Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Perform Manual Provisioning\*\* page. @@ -21,56 +21,56 @@ sidebar_position: 80 Generates the permissions to perform bulk validations on the \*\*Resource Reconciliation\*\* page. -- [ Bulk Review Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md) +- [Bulk Review Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Provisioning Review\*\* page (only for errored orders). -- [ Bulk Role Reconciliation Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md) +- [Bulk Role Reconciliation Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Role Reconciliation\*\* page. -- [ Governance Roles Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/governancerolesaccesscontrolrules/index.md) +- [Governance Roles Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/governancerolesaccesscontrolrules/index.md) Generates the permissions to access the governance review pages for a given entity type and profile. -- [ Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md) +- [Perform Manual Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md) Generates the permissions to access the manual provisioning pages for a given entity type and profile. -- [ Reconciliate Resources Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) +- [Reconciliate Resources Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) Generates the permissions to access the resource reconciliation pages for a given entity type and profile. -- [ Reconciliate Roles Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md) +- [Reconciliate Roles Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md) Generates the permissions to access the role reconciliation pages for a given entity type and profile. -- [ Redundant Assignment Access Control Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md) +- [Redundant Assignment Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md) Generates the permissions to access the \*\*Redundant Assignment\*\* page, to analyze and remove redundant assignments. -- [ Review Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md) +- [Review Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md) Generates the permissions to access the provisioning review pages for a given entity type and profile. -- [ Review Roles Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md) +- [Review Roles Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md) Generates the permissions to access the role review pages for a given entity type and profile. -- [ Risks Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md) -- [ Role Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md) +- [Risks Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md) +- [Role Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md) Generates the permissions to access the configuration pages and create, update, delete the elements of the role model. -- [ Role Naming Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md) +- [Role Naming Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md) Generates the permissions to configure and launch the automatic creation of roles and rules based on naming conventions. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md index 2f9b6cb546..47fe9567a1 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md @@ -20,7 +20,7 @@ otherwise the information of the entity type cannot be displayed on this screen. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md index a2974e70dc..090f6546e4 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md @@ -19,7 +19,7 @@ EntityType to be filled in the Scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md index 8d098e7efb..85152db3a9 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md index 8fe12b21fc..32aada43ff 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md @@ -20,7 +20,7 @@ Assignment** page and perform redundant-assignment related actions. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md index 26e65dc207..db53724737 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md @@ -18,7 +18,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md index 9469c91cb3..76bf12cbb7 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md index 7e7f77cbc6..faee8a58aa 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 130 ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md index 4058d00049..71ab4c9b13 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md @@ -29,7 +29,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md index ce00322438..3c98162c0e 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md @@ -13,7 +13,7 @@ naming conventions. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md index 076a17ed79..e8c619a26e 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md @@ -7,4 +7,4 @@ sidebar_position: 90 # Simulations - [Policy Simulation Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md) -- [ Role And Simulation Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md) +- [Role And Simulation Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md index 918dd60536..3b7f4c0e5f 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 10 ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md index 1ac970ea4f..fda6ca46d4 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 20 ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md index ffc64b33b2..9673e726a8 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md @@ -6,8 +6,8 @@ sidebar_position: 100 # User Interfaces -- [ Manage Accounts ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md) -- [ Search Bar Page Access Control ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/searchbarpageaccesscontrol/index.md) +- [Manage Accounts](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md) +- [Search Bar Page Access Control](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/searchbarpageaccesscontrol/index.md) Gives access rights to the different navigation elements of the SearchBars of the pages of the role model. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md index ab8ffbb9fc..8ec97c1f70 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md @@ -20,7 +20,7 @@ users from `Directory_User`. ``` - +**** In order to see AD accounts once clicking on the button: diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md index 47b9a2d300..5453844038 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md @@ -18,14 +18,14 @@ must be created with the following names: The scaffolding generates the following scaffoldings: -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md index c10800bc90..1f5f1ac594 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md @@ -6,17 +6,17 @@ sidebar_position: 110 # Workflows -- [ Create Update Delete Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md) +- [Create Update Delete Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md) Generates execution rights for the create, update, delete workflows. -- [ Update Resources Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md) -- [ Workflow Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md) +- [Update Resources Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md) +- [Workflow Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md) Generates the permissions to access the task page and visualize the workflows to be executed for a given entity type and profile. -- [ Workflow Configuration Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md) -- [ Workflow Overview Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md) +- [Workflow Configuration Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md) +- [Workflow Overview Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md) Generates the permissions to access the workflow supervision page. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md index 83765e1c8d..4591008ab5 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 20 ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md index 3a7499cb1e..53d77be87f 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md @@ -23,7 +23,7 @@ DashBoard shortcut: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md index 376868ee74..a2fb709ac1 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 40 ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md index eea38778bd..0c636be3a4 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md index aca82d38dc..ef75e8efe1 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md @@ -24,7 +24,7 @@ If you are using a CSV connector with files in incremental mode, you must specif ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md index 03bdb2ceb4..2838ee62fc 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md @@ -15,7 +15,7 @@ no display name is defined. ``` - +**** ``` @@ -26,7 +26,7 @@ in `Directory_Country`, when no display name is defined. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md index 281ebf65bb..1b4b7f6d1d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md @@ -15,7 +15,7 @@ the table. Otherwise, the only scalar property displayed in the table is the int ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md index ce24a15b10..c4ad65939a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md @@ -18,7 +18,7 @@ table. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md index 925b345ab3..fc6656da7e 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md @@ -14,7 +14,7 @@ The design element for this displaytable is resourcetable. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md index 55e4946a1a..ae31c27b2d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md @@ -12,7 +12,7 @@ Creates the search bar for the entity without criteria. ``` - +**** ``` @@ -28,6 +28,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md index 542a808f7f..80d33e6932 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md @@ -6,35 +6,35 @@ sidebar_position: 10 # Entity Types -- [ Connector Mappings ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md) +- [Connector Mappings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md) Generates the mapping of an entity in a given connector. -- [ Entity Type Display Name ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md) +- [Entity Type Display Name](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md) Computes a default value for resources' internal display names. -- [ Entity Type Display Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md) +- [Entity Type Display Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md) Creates a display table for the given entity. -- [ Entity Type Display Table Adaptable ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md) +- [Entity Type Display Table Adaptable](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md) Creates an adaptable display table for a given entity type. -- [ Entity Type Display Target Resource Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md) +- [Entity Type Display Target Resource Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md) Creates a display table for the given entity. -- [ Entity Type Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypemenuitem/index.md) +- [Entity Type Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypemenuitem/index.md) Creates a menu item for the entity type, and for its connector if the entity type has an entity type mapping. -- [ Entity Type Search Bar ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md) +- [Entity Type Search Bar](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md) Creates the search bar for the entity without criteria. -- [ Target Resource Report Menus ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) +- [Target Resource Report Menus](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) Creates the Item menu for the entity's report so that it is displayed in the report view. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md index 4df053843e..11484e44af 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md @@ -12,7 +12,7 @@ Creates the Item menu for the entity's report so that it is displayed in the rep ``` - +**** ``` @@ -28,6 +28,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md index 5d9e64fe54..cd1cf816b4 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md @@ -7,4 +7,4 @@ sidebar_position: 20 # Entity Types - [Entity Types](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md) -- [ Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md) +- [Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md index 9ddeb29455..fc86d7c7c7 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md @@ -21,7 +21,7 @@ scaffolding, the names of these 3 workflows must comply with the following stand ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md index cba5b74505..e94fd173c4 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md @@ -10,7 +10,7 @@ sidebar_position: 20 ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md index 96677de798..0073d5a702 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md @@ -6,25 +6,25 @@ sidebar_position: 20 # Workflows -- [ Create Update Delete Menus ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md) +- [Create Update Delete Menus](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md) Creates updates and deletes menus for an entity. -- [ Create Update Delete Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md) -- [ Update Resources Menus ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md) -- [ Update Resources Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md) -- [ Workflow Actors Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md) -- [ Workflow Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md) +- [Create Update Delete Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md) +- [Update Resources Menus](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md) +- [Update Resources Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md) +- [Workflow Actors Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md) +- [Workflow Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md) Creates an entity that will be the source of all workflows that manipulate the given entity. -- [ Workflow Entity Type Display Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md) -- [ Workflow Entity Type Display Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md) +- [Workflow Entity Type Display Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md) +- [Workflow Entity Type Display Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md) Creates the display table of the workflow entity of the starting entity. -- [ Workflow Entity Type Search Bar ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md) +- [Workflow Entity Type Search Bar](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md) Creates the search bar of the workflow entity of the starting entity. -- [ Workflow Performer Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md) +- [Workflow Performer Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md index cbeeec0501..2a3626c089 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md @@ -10,7 +10,7 @@ sidebar_position: 30 ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md index cbdc9133ab..a5937e4c52 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md @@ -10,7 +10,7 @@ sidebar_position: 40 ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md index 17c01ed6f4..8da7d630d0 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md @@ -10,7 +10,7 @@ sidebar_position: 50 ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md index be7c4dd2e1..b966523cf8 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md @@ -13,7 +13,7 @@ create the association between this new entity and the starting entity. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md index 501194a5da..268758bfde 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md @@ -10,7 +10,7 @@ sidebar_position: 70 ``` - +**** ``` @@ -26,6 +26,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md index 1a54cd2d99..fd36258c4b 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md @@ -15,7 +15,7 @@ launch this scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md index 9cb1eb439c..dd3b20f98c 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md @@ -15,7 +15,7 @@ this scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md index 86b1c3f143..950ef8d9ea 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md @@ -10,7 +10,7 @@ sidebar_position: 100 ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md index e90f08f80d..71c4f270a4 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md @@ -12,7 +12,7 @@ an XML element that will generate a complex XML fragment. Available scaffoldings are described below. To understand scaffoldings' generated configuration, Identity Manager's executable -[ Usercube-Export-Configuration ](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/6.2/integration-guide/executables/references/export-configuration/index.md) can be launched with the `--export-scaffolding` option to export into XML files the configuration items generated by scaffoldings. @@ -23,160 +23,160 @@ their content in your own configuration. - [Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/index.md) -- [ Access Reviews ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md) +- [Access Reviews](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md) -- [ Access Review Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) +- [Access Review Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) Generates the permissions to administrate campaign creation. -- [ Connectors ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md) +- [Connectors](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md) -- [ Connector Resource Type Access Control ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md) +- [Connector Resource Type Access Control](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md) Gives the rights to create and update resource types, generate provisioning orders and fulfill from the connector screen. -- [ Settings Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md) +- [Settings Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md) Generates the permissions to configure the Workforce Core Solution module and connector settings. -- [ Jobs ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md) +- [Jobs](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md) -- [ GetJobLogAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md) +- [GetJobLogAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md) Generates the permissions to read task and job instances logs in UI for a given profile. -- [ JobAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md) +- [JobAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md) Scaffolding to access the job administration page. -- [ JobTaskAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobtaskadministrationaccesscontrolrules/index.md) +- [JobTaskAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobtaskadministrationaccesscontrolrules/index.md) Generates all permissions for JobStep entity. -- [ PendingAssignedResourceTypesAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md) +- [PendingAssignedResourceTypesAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md) Generates the access control rules which give to a profile the permissions to call the API Pending AssignedResourceTypes. -- [ ProvisioningAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md) +- [ProvisioningAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md) Generates the execution rights for Provisioning and Fulfillment tasks for a given profile. -- [ ResourceChangesViewAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md) +- [ResourceChangesViewAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md) Generates the access control rules which gives to a profile the permissions to call the API ResourceChange, ResourceFileChange and ResourceLinkChange. -- [ ResourceTypeMappingControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md) +- [ResourceTypeMappingControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md) Generate rights to launch agent fulfillment. -- [ RunJobAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md) +- [RunJobAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md) Generates the permissions to launch jobs from UI for a given profile. -- [ RunJobNotificationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md) +- [RunJobNotificationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md) Generates access control to send notification when job finish with an error state. -- [ RunJobRepairAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md) +- [RunJobRepairAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md) Generates the permissions to launch from UI jobs that are in state blocked after a Provisioning or a synchronization for a given profile. -- [ RunJobRepairNotificationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md) +- [RunJobRepairNotificationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md) Generates access control to send notification when a relaunch job finish with an error state. -- [ SynchronizationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) +- [SynchronizationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) Generates rights to launch synchronization task. -- [ TaskAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md) +- [TaskAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md) Generates all rights to have the access to job administration page. -- [ TaskInstanceAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskinstanceadministrationaccesscontrolrules/index.md) +- [TaskInstanceAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskinstanceadministrationaccesscontrolrules/index.md) Generates access control to update the task instances. -- [ WorkflowFulfillmentControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md) +- [WorkflowFulfillmentControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md) Generates the execution rights to launch Fulfillment workflow for a given profile. -- [ Monitoring ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md) +- [Monitoring](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md) -- [ MonitoringAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md) +- [MonitoringAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md) Generates the access control rule which gives to a profile the permission to query the monitoring screen. -- [ Profiles ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) +- [Profiles](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) -- [ Assign Profile Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md) +- [Assign Profile Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md) Gives to a given profile the rights to create, update, delete and query any assigned profile. -- [ OpenId Client Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/openidclientadministrationaccesscontrolrules/index.md) -- [ Profile Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md) +- [OpenId Client Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/openidclientadministrationaccesscontrolrules/index.md) +- [Profile Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md) Gives to a given profile the rights to create, update and delete profiles. -- [ Queries ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md) +- [Queries](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md) -- [ Manage Setting Access Control Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md) +- [Manage Setting Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md) Generates the access control rule which gives to a profile the permission to query, create, update and delete settings from the UM_Settings table. -- [ Report Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md) +- [Report Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md) Generates the permissions to access the report view. -- [ Target Resource Report Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md) +- [Target Resource Report Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md) Generates the permissions to apply a report for a profile on a given entity. -- [ Universe Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md) +- [Universe Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md) Generates an access control rule which gives a profile the permission to access the query page and run queries. -- [ Resources ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md) +- [Resources](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md) -- [ Create Resource Incremental Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md) +- [Create Resource Incremental Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md) Generates the access control rule which gives to a profile the permission to query the resources modified incrementally. -- [ Resource Api Administration ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md) +- [Resource Api Administration](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md) Generates the permissions to create/update/delete/query resources from a given entity type, for a given profile. -- [ Resource Picker Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md) +- [Resource Picker Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md) Creates the reading right of the resource picker. -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) Generates the permissions to view an entity type's resources. -- [ View History Resource Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md) +- [View History Resource Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md) Generates an access control rule giving to the specified profile the permission to browse the resources history of the specified entity type. - [Role Models](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md) -- [ Basket Rules Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md) +- [Basket Rules Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md) Generates the permissions to execute the different requests to display the information in the rights basket. -- [ Bulk Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md) +- [Bulk Perform Manual Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Perform Manual Provisioning\*\* page. @@ -186,152 +186,152 @@ their content in your own configuration. Generates the permissions to perform bulk validations on the \*\*Resource Reconciliation\*\* page. -- [ Bulk Review Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md) +- [Bulk Review Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Provisioning Review\*\* page (only for errored orders). -- [ Bulk Role Reconciliation Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md) +- [Bulk Role Reconciliation Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Role Reconciliation\*\* page. -- [ Governance Roles Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/governancerolesaccesscontrolrules/index.md) +- [Governance Roles Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/governancerolesaccesscontrolrules/index.md) Generates the permissions to access the governance review pages for a given entity type and profile. -- [ Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md) +- [Perform Manual Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md) Generates the permissions to access the manual provisioning pages for a given entity type and profile. -- [ Reconciliate Resources Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) +- [Reconciliate Resources Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) Generates the permissions to access the resource reconciliation pages for a given entity type and profile. -- [ Reconciliate Roles Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md) +- [Reconciliate Roles Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md) Generates the permissions to access the role reconciliation pages for a given entity type and profile. -- [ Redundant Assignment Access Control Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md) +- [Redundant Assignment Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md) Generates the permissions to access the \*\*Redundant Assignment\*\* page, to analyze and remove redundant assignments. -- [ Review Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md) +- [Review Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md) Generates the permissions to access the provisioning review pages for a given entity type and profile. -- [ Review Roles Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md) +- [Review Roles Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md) Generates the permissions to access the role review pages for a given entity type and profile. -- [ Risks Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md) -- [ Role Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md) +- [Risks Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md) +- [Role Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md) Generates the permissions to access the configuration pages and create, update, delete the elements of the role model. -- [ Role Naming Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md) +- [Role Naming Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md) Generates the permissions to configure and launch the automatic creation of roles and rules based on naming conventions. -- [ Simulations ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md) +- [Simulations](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md) - [Policy Simulation Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md) -- [ Role And Simulation Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md) +- [Role And Simulation Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md) -- [ User Interfaces ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md) +- [User Interfaces](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md) -- [ Manage Accounts ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md) -- [ Search Bar Page Access Control ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/searchbarpageaccesscontrol/index.md) +- [Manage Accounts](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md) +- [Search Bar Page Access Control](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/searchbarpageaccesscontrol/index.md) Gives access rights to the different navigation elements of the SearchBars of the pages of the role model. -- [ Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md) +- [Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md) -- [ Create Update Delete Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md) +- [Create Update Delete Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md) Generates execution rights for the create, update, delete workflows. -- [ Update Resources Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md) -- [ Workflow Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md) +- [Update Resources Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md) +- [Workflow Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md) Generates the permissions to access the task page and visualize the workflows to be executed for a given entity type and profile. -- [ Workflow Configuration Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md) -- [ Workflow Overview Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md) +- [Workflow Configuration Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md) +- [Workflow Overview Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md) Generates the permissions to access the workflow supervision page. -- [ Entity Types ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md) +- [Entity Types](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md) - [Entity Types](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md) -- [ Connector Mappings ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md) +- [Connector Mappings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md) Generates the mapping of an entity in a given connector. -- [ Entity Type Display Name ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md) +- [Entity Type Display Name](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md) Computes a default value for resources' internal display names. -- [ Entity Type Display Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md) +- [Entity Type Display Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md) Creates a display table for the given entity. -- [ Entity Type Display Table Adaptable ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md) +- [Entity Type Display Table Adaptable](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md) Creates an adaptable display table for a given entity type. -- [ Entity Type Display Target Resource Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md) +- [Entity Type Display Target Resource Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md) Creates a display table for the given entity. -- [ Entity Type Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypemenuitem/index.md) +- [Entity Type Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypemenuitem/index.md) Creates a menu item for the entity type, and for its connector if the entity type has an entity type mapping. -- [ Entity Type Search Bar ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md) +- [Entity Type Search Bar](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md) Creates the search bar for the entity without criteria. -- [ Target Resource Report Menus ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) +- [Target Resource Report Menus](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) Creates the Item menu for the entity's report so that it is displayed in the report view. -- [ Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md) +- [Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md) -- [ Create Update Delete Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md) +- [Create Update Delete Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md) Creates updates and deletes menus for an entity. -- [ Update Resources Menus ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md) -- [ Update Resources Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md) -- [ Workflow Actors Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md) -- [ Workflow Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md) +- [Update Resources Menus](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md) +- [Update Resources Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md) +- [Workflow Actors Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md) +- [Workflow Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md) Creates an entity that will be the source of all workflows that manipulate the given entity. -- [ Workflow Entity Type Display Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md) -- [ Workflow Entity Type Display Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md) +- [Workflow Entity Type Display Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md) +- [Workflow Entity Type Display Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md) Creates the display table of the workflow entity of the starting entity. -- [ Workflow Entity Type Search Bar ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md) +- [Workflow Entity Type Search Bar](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md) Creates the search bar of the workflow entity of the starting entity. -- [ Workflow Performer Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md) +- [Workflow Performer Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md) -- [ Jobs ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md) +- [Jobs](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md) - [Clean Database Job](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md) @@ -351,7 +351,7 @@ their content in your own configuration. Creates for the given agent the synchronization job of all connectors present in the agent in incremental mode. -- [ Create Connectors Jobs ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md) +- [Create Connectors Jobs](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md) Creates all jobs by connector to launched task in the connector page. @@ -367,19 +367,19 @@ their content in your own configuration. Creates the Initialization Job for the given agent. -- [ Optimizations ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md) +- [Optimizations](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md) -- [ Optimize Display Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md) +- [Optimize Display Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md) Optimizes all elements found in the given displayTable. -- [ Queries ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) +- [Queries](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) -- [ Target Resource Report ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md) +- [Target Resource Report](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md) Creates a ReportQuery with default Query taking all the properties of the entity. -- [ Universe Data Model ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md) +- [Universe Data Model](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md) Creates, within a universe, entity instances and association instances based on a predefined template. @@ -390,55 +390,55 @@ their content in your own configuration. Gives the permissions to manage the connector pages. -- [ Create Administrator Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) +- [Create Administrator Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) Creates the profile administrator and all default access control rules. -- [ Create Update Delete Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md) +- [Create Update Delete Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md) Creates the three types of workflow for the given entity as well as the execution rights for the given profile. -- [ Entity Report Default ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md) +- [Entity Report Default](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md) Creates all configuration items to add a ReportQuery for an EntityType and profile. -- [ Job Execution Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) +- [Job Execution Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) Assigns a set of rights to a given profile to execute any job, and view all job instances, task instances and logs. -- [ Job View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) +- [Job View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) Scaffolding to generate a set of rights to view all JobInstances, TaskInstances and logs. -- [ Simulation Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md) +- [Simulation Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md) Generates the permissions to configure and launch simulations. -- [ Update Resources Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md) -- [ View Source Resource Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewsourceresourcetemplate/index.md) +- [Update Resources Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md) +- [View Source Resource Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewsourceresourcetemplate/index.md) Creates the display table, fills in the internal display name of the entity, and gives the rights to see the permissions and sources of the entity for a given profile. -- [ View Target Resource Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md) +- [View Target Resource Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md) Creates the entity view (designElement = resourceTable), the report and the rights for a given profile. -- [ View Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md) +- [View Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md) Creates the view for the given entity as well as the rights for the given profile. -- [ View Template Adaptable ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md) +- [View Template Adaptable](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md) Implements a default display name for the resources of a given entity type, displays the resources in an adaptable table, and give the permissions to view the resources. -- [ Workforce ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md) +- [Workforce](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md) -- [ Bootstrap Module ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/bootstrapmodule/index.md) +- [Bootstrap Module](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/bootstrapmodule/index.md) Generates the default settings required to start using Identity Manager and the Workforce Core Solution module. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md index 15dfdb2dab..0b3994a9fd 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md @@ -15,7 +15,7 @@ script in the command line. ``` -   +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md index 6d9b3f0802..6f661ff275 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md @@ -15,7 +15,7 @@ script in the command line. ``` -   +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md index b5d793ffde..d77ddead4a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md @@ -18,7 +18,7 @@ script in the command line. ``` -   +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md index 0fd78abddb..2b1cf41bb5 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md @@ -19,7 +19,7 @@ script in the command line. ``` -   +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md index dcbb0a33bf..75827f36d3 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md @@ -12,7 +12,7 @@ Creates all jobs by connector to launched task in the connector page. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsynchrocomplete/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsynchrocomplete/index.md index eb7a3a6aff..f262fdbe56 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsynchrocomplete/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsynchrocomplete/index.md @@ -44,11 +44,14 @@ script in the command line. ### AddTask -**NOTE:** The old algorithm is no longer supported, so manual task addition is no longer required. +:::note +The old algorithm is no longer supported, so manual task addition is no longer required. If an exceptional situation requres the creation of a task note that the CopyOccurence must be deleted from the code. +::: -Example + +**Example** Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md index 17fe8c124e..d68df93c00 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md @@ -24,7 +24,7 @@ sidebar_position: 30 Creates for the given agent the synchronization job of all connectors present in the agent in incremental mode. -- [ Create Connectors Jobs ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md) +- [Create Connectors Jobs](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md) Creates all jobs by connector to launched task in the connector page. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md index 4ed580c954..1c77af26fd 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md @@ -6,6 +6,6 @@ sidebar_position: 40 # Optimizations -- [ Optimize Display Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md) +- [Optimize Display Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md) Optimizes all elements found in the given displayTable. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md index c9093ccbbe..07c75108ef 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md @@ -13,9 +13,9 @@ SQL queries used to fetch the data displayed in the corresponding table. In order to optimize the display table, this scaffolding will create the following elements if they don't exist. -- An [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)for each tile item that uses a +- An [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)for each tile item that uses a navigation binding. This will be used to hold the computed expression. -- An [ Entity Property Expression ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) to +- An [Entity Property Expression](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) to evaluate the binding expression used by the optimizable tile item. Then, the scaffolding will link the display table tile elements to the newly created scalar @@ -30,7 +30,7 @@ The following example optimized the DisplayTable `Directory_User` ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md index 8367b625ca..c785c4a607 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md @@ -6,11 +6,11 @@ sidebar_position: 70 # Queries -- [ Target Resource Report ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md) +- [Target Resource Report](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md) Creates a ReportQuery with default Query taking all the properties of the entity. -- [ Universe Data Model ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md) +- [Universe Data Model](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md) Creates, within a universe, entity instances and association instances based on a predefined template. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md index f2ca40edf5..7b66306972 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md @@ -14,7 +14,7 @@ The entity must have a displayTable to be able to use this scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md index 11f2bc64cd..d59b6b0dca 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md @@ -165,7 +165,7 @@ It generates: ``` - +**** One entity instance for the entity type Directory_User: @@ -173,7 +173,7 @@ It generates: One association instance and one entity instance per navigation property: ... - +**** ``` @@ -204,7 +204,7 @@ It generates: ``` - +**** One entity instance for the entity type Directory_User. @@ -216,7 +216,7 @@ It generates: Same for all resource types. ... - +**** ``` @@ -268,7 +268,7 @@ It generates: ``` - +**** One entity instance for the entity type Directory_User. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md index addb4677fb..2f7442034d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md @@ -17,27 +17,27 @@ Gives access to shortcuts on the dashboard to access these pages. The scaffolding generates the following scaffoldings: -- [ Connector Resource Type Access Control ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md): +- [Connector Resource Type Access Control](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md): Gives the rights to create and update resource types, generate provisioning orders and fulfill from the connector screen. -- [ Job View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md): Scaffolding to generate +- [Job View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md): Scaffolding to generate a set of rights to view all JobInstances, TaskInstances and logs. -- [ ResourceTypeMappingControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md): +- [ResourceTypeMappingControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md): Generate rights to launch agent fulfillment. -- [ Role Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md): +- [Role Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md): Generates the permissions to access the configuration pages and create, update, delete the elements of the role model. -- [ RunJobRepairAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md): +- [RunJobRepairAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md): Generates the permissions to launch from UI jobs that are in state blocked after a Provisioning or a synchronization for a given profile. -- [ TaskAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md): +- [TaskAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md): Generates all rights to have the access to job administration page. ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md index b9be4b12cc..ce8b2bd508 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md @@ -13,88 +13,88 @@ administrator profile. The scaffolding generates the following scaffoldings: -- [ Access Review Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md): +- [Access Review Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md): Generates the permissions to administrate campaign creation. -- [ Assign Profile Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md): +- [Assign Profile Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md): Gives to a given profile the rights to create, update, delete and query any assigned profile. -- [ Basket Rules Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md): +- [Basket Rules Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md): Generates the permissions to execute the different requests to display the information in the rights basket. -- [ Connector Resource Type Access Control ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md): +- [Connector Resource Type Access Control](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md): Gives the rights to create and update resource types, generate provisioning orders and fulfill from the connector screen. - [Connectors Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md): Gives the permissions to manage the connector pages. -- [ Create Connectors Jobs ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md): Creates all jobs by +- [Create Connectors Jobs](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md): Creates all jobs by connector to launched task in the connector page. -- [ Create Resource Incremental Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md): +- [Create Resource Incremental Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md): Generates the access control rule which gives to a profile the permission to query the resources modified incrementally -- [ Job Execution Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md): Assigns a set +- [Job Execution Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md): Assigns a set of rights to a given profile to execute any job, and view all job instances, task instances and logs. -- [ Manage Accounts ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md): -- [ Manage Setting Access Control Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md): +- [Manage Accounts](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md): +- [Manage Setting Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md): Generates the access control rule which gives to a profile the permission to query, create, update and delete settings from the UM_Settings table. -- [ MonitoringAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md): +- [MonitoringAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md): Generates the access control rule which gives to a profile the permission to query the monitoring screen. -- [ Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md): +- [Perform Manual Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md): Generates the permissions to access the manual provisioning pages for a given entity type and profile. -- [ Profile Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md): +- [Profile Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md): Gives to a given profile the rights to create, update and delete profiles. -- [ ProvisioningAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md): +- [ProvisioningAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md): Generates the execution rights for Provisioning and Fulfillment tasks for a given profile. -- [ Reconciliate Roles Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): +- [Reconciliate Roles Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): Generates the permissions to access the resource reconciliation pages for a given entity type and profile. -- [ Reconciliate Roles Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): +- [Reconciliate Roles Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): Generates the permissions to access the role reconciliation pages for a given entity type and profile. -- [ Redundant Assignment Access Control Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md): +- [Redundant Assignment Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md): Generates the permissions to access the **Redundant Assignment** page, to analyze and remove redundant assignments. -- [ Report Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md): +- [Report Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md): Generates the permissions to access the report view. -- [ Resource Api Administration ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md): +- [Resource Api Administration](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md): Generates the permissions to create/update/delete/query resources from a given entity type, for a given profile. -- [ Resource Picker Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md): +- [Resource Picker Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md): Creates the reading right of the resource picker. -- [ ResourceTypeMappingControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md): +- [ResourceTypeMappingControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md): Generate rights to launch agent fulfillment. -- [ Review Provisioning Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md): +- [Review Provisioning Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md): Generates the permissions to access the provisioning review pages for a given entity type and profile. -- [ Review Roles Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md): +- [Review Roles Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md): Generates the permissions to access the role review pages for a given entity type and profile. -- [ Risks Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md): -- [ Role Administration Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md): +- [Risks Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md): +- [Role Administration Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md): Generates the permissions to access the configuration pages and create, update, delete the elements of the role model. -- [ Role Naming Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md): +- [Role Naming Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md): Generates the permissions to configure and launch the automatic creation of roles and rules based on naming conventions. -- [ Settings Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md): +- [Settings Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md): Generates the permissions to configure the Workforce Core Solution module and connector settings. -- [ Simulation Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md): Generates the +- [Simulation Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md): Generates the permissions to configure and launch simulations. -- [ SynchronizationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md): +- [SynchronizationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md): Generates rights to launch synchronization task. -- [ TaskAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md): +- [TaskAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md): Generates all rights to have the access to job administration page. -- [ Universe Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md): +- [Universe Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md): Generates an access control rule which gives a profile the permission to access the query page and run queries. -- [ View History Resource Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md): +- [View History Resource Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md): Generates an access control rule giving to the specified profile the permission to browse the resources history of the specified entity type. -- [ Workflow Configuration Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md): -- [ WorkflowFulfillmentControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md): +- [Workflow Configuration Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md): +- [WorkflowFulfillmentControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md): Generates the execution rights to launch Fulfillment workflow for a given profile. -- [ Workflow Overview Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md): +- [Workflow Overview Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md): Generates the permissions to access the workflow supervision page. ## Examples diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md index af802a3c6e..3c7970a50a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md @@ -11,27 +11,27 @@ given profile. The scaffolding generates the following scaffoldings: -- [ Create Update Delete Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md): +- [Create Update Delete Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md): Generates execution rights for the create, update, delete workflows. -- [ Create Update Delete Menus ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md): +- [Create Update Delete Menus](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md): Creates creation, update and delete menus for an entity. -- [ Create Update Delete Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md): -- [ Entity Type Display Name ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): +- [Create Update Delete Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md): +- [Entity Type Display Name](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): Computes a default value for resources' internal display names. -- [ Entity Type Display Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): +- [Entity Type Display Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): Creates a display table for the given entity. -- [ Entity Type Search Bar ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md): Creates +- [Entity Type Search Bar](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md): Creates the search bar for the entity without criteria. -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. -- [ Workflow Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md): Creates an +- [Workflow Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md): Creates an entity that will be the source of all workflows that manipulate the given entity. ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md index f78eeed5b8..a513900516 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md @@ -10,13 +10,13 @@ Creates all configuration items to add a ReportQuery for an EntityType and profi The scaffolding generates the following scaffoldings: -- [ Report Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md): +- [Report Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md): Generates the permissions to access the report view. -- [ Target Resource Report ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md): Creates a ReportQuery +- [Target Resource Report](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md): Creates a ReportQuery with default Query taking all the properties of the entity. -- [ Target Resource Report Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md): +- [Target Resource Report Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md): Generates the permissions to apply a report for a profile on a given entity. -- [ Target Resource Report Menus ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md): +- [Target Resource Report Menus](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md): Creates the Item menu for the entity's report so that it is displayed in the report view. ## Properties diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/index.md index 8b2ae01c6b..982a483932 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/index.md @@ -10,48 +10,48 @@ sidebar_position: 50 Gives the permissions to manage the connector pages. -- [ Create Administrator Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) +- [Create Administrator Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) Creates the profile administrator and all default access control rules. -- [ Create Update Delete Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md) +- [Create Update Delete Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md) Creates the three types of workflow for the given entity as well as the execution rights for the given profile. -- [ Entity Report Default ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md) +- [Entity Report Default](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md) Creates all configuration items to add a ReportQuery for an EntityType and profile. -- [ Job Execution Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) +- [Job Execution Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) Assigns a set of rights to a given profile to execute any job, and view all job instances, task instances and logs. -- [ Job View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) +- [Job View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) Scaffolding to generate a set of rights to view all JobInstances, TaskInstances and logs. -- [ Simulation Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md) +- [Simulation Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md) Generates the permissions to configure and launch simulations. -- [ Update Resources Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md) -- [ View Source Resource Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewsourceresourcetemplate/index.md) +- [Update Resources Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md) +- [View Source Resource Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewsourceresourcetemplate/index.md) Creates the display table, fills in the internal display name of the entity, and gives the rights to see the permissions and sources of the entity for a given profile. -- [ View Target Resource Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md) +- [View Target Resource Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md) Creates the entity view (designElement = resourceTable), the report and the rights for a given profile. -- [ View Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md) +- [View Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md) Creates the view for the given entity as well as the rights for the given profile. -- [ View Template Adaptable ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md) +- [View Template Adaptable](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md) Implements a default display name for the resources of a given entity type, displays the resources in an adaptable table, and give the permissions to view the resources. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md index 9712b6ed60..df7d1b447b 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md @@ -11,16 +11,16 @@ instances, task instances and logs. The scaffolding generates the following scaffoldings: -- [ Job View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md): Scaffolding to generate +- [Job View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md): Scaffolding to generate a set of rights to view all JobInstances, TaskInstances and logs. -- [ RunJobAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md): +- [RunJobAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md): Generates the permissions to launch jobs from UI for a given profile. -- [ RunJobNotificationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md): +- [RunJobNotificationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md): Generates access control to send notification when job finish with an error state. -- [ RunJobRepairAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md): +- [RunJobRepairAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md): Generates the permissions to launch from UI jobs that are in state blocked after a Provisioning or a synchronization for a given profile. -- [ RunJobRepairNotificationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md): +- [RunJobRepairNotificationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md): Generates access control to send notification when a relaunch job finish with an error state. ## Examples @@ -30,7 +30,7 @@ job instances, task instances and logs: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md index 5fcb780a2d..0648579b79 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md @@ -11,14 +11,14 @@ Scaffolding performs a set of scaffolding rights for Jobs and Tasks. The scaffolding generates the following scaffoldings: -- [ GetJobLogAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md): +- [GetJobLogAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md): Generates the permissions to read task and job instances logs in UI for a given profile. -- [ JobAdministrationAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md): +- [JobAdministrationAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md): Scaffolding to access the job administration page. -- [ PendingAssignedResourceTypesAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md): +- [PendingAssignedResourceTypesAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md): Generates the access control rules which give to a profile the permissions to call the API Pending AssignedResourceTypes. -- [ ResourceChangesViewAccessControlRules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md): +- [ResourceChangesViewAccessControlRules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md): Generates the access control rules which gives to a profile the permissions to call the API ResourceChange, ResourceFileChange and ResourceLinkChange. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md index 84510a8bf0..52130487cb 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md @@ -14,13 +14,13 @@ this screen, simulations can be launched and results can be visualized. The scaffolding generates the following scaffoldings: - [Policy Simulation Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md): -- [ Role And Simulation Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md): +- [Role And Simulation Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md): ## Examples ``` - +**** ``` @@ -36,6 +36,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md index 2cfbf62b9c..8e2e809e74 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md @@ -8,23 +8,23 @@ sidebar_position: 80 The scaffolding generates the following scaffoldings: -- [ Entity Type Display Name ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): +- [Entity Type Display Name](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): Computes a default value for resources' internal display names. -- [ Entity Type Display Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): +- [Entity Type Display Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): Creates a display table for the given entity. -- [ Update Resources Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md): -- [ Update Resources Menus ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md): -- [ Update Resources Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md): -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): +- [Update Resources Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md): +- [Update Resources Menus](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md): +- [Update Resources Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md): +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. -- [ Workflow Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md): Creates an +- [Workflow Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md): Creates an entity that will be the source of all workflows that manipulate the given entity. ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md index c289ea15d1..01717fd487 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md @@ -11,24 +11,24 @@ profile. The scaffolding generates the following scaffoldings: -- [ Entity Type Display Name ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): +- [Entity Type Display Name](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): Computes a default value for resources' internal display names. -- [ Entity Type Display Target Resource Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md): +- [Entity Type Display Target Resource Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md): Creates a displaytable for the given entity. -- [ Target Resource Report ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md): Creates a ReportQuery +- [Target Resource Report](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md): Creates a ReportQuery with default Query taking all the properties of the entity. -- [ Target Resource Report Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md): +- [Target Resource Report Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md): Generates the permissions to apply a report for a profile on a given entity. -- [ Target Resource Report Menus ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md): +- [Target Resource Report Menus](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md): Creates the Item menu for the entity's report so that it is displayed in the report view. -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md index d6aa8b37fd..f65a4aa942 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md @@ -10,11 +10,11 @@ Creates the view for the given entity as well as the rights for the given profil The scaffolding generates the following scaffoldings: -- [ Entity Type Display Name ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): +- [Entity Type Display Name](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): Computes a default value for resources' internal display names. -- [ Entity Type Display Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): +- [Entity Type Display Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): Creates a display table for the given entity. -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. ## Examples @@ -25,7 +25,7 @@ The following example implements a default display name for resources from the ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md index ecb6570599..4fa7b9ac7f 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md @@ -11,11 +11,11 @@ in an adaptable table, and give the permissions to view the resources. The scaffolding generates the following scaffoldings: -- [ Entity Type Display Name ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): +- [Entity Type Display Name](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): Computes a default value for resources' internal display names. -- [ Entity Type Display Table Adaptable ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md): +- [Entity Type Display Table Adaptable](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md): Creates an adaptable display table for a given entity type. -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. ## Examples @@ -26,7 +26,7 @@ the `Administrator` profile the permissions to view the resources. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md index 73ed64686a..57f7575f78 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md @@ -6,7 +6,7 @@ sidebar_position: 60 # Workforce -- [ Bootstrap Module ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/bootstrapmodule/index.md) Generates the default settings required to start +- [Bootstrap Module](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/bootstrapmodule/index.md) Generates the default settings required to start using Identity Manager and the Workforce Core Solution module.- [Workforce Module](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/workforcemodule/index.md) Generates the workforce repository based on the data filled in the Workforce Core Solution module. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md index 38de9ae718..b87716eba8 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md @@ -6,7 +6,7 @@ sidebar_position: 20 # Connection -A connection represents a link between a [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) and a connection +A connection represents a link between a [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) and a connection package. ## Examples @@ -16,7 +16,7 @@ package `Usercube.AD@0000001` with only the export task and not the fulfill task ``` - +**** ``` @@ -30,12 +30,10 @@ appsettings.agent.json "Connections": { ... "ADExportFulfillment": { - "Servers": [ - { + "Servers": [{ "Server": "contoso.server.com", "BaseDN": "DC=contoso,DC=com" - } - ], + }], "AuthType": "Basic", "Login": "Contoso", "Password": "ContOso$123456789", @@ -63,8 +61,8 @@ Details about these settings can be found in Identity Manager's ## Child Element: Transformation A connection transformation is optional, but can be needed to adjust the Excel files, output of -[ Export Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) from Excel export connections, before -[ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md). The +[Export Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) from Excel export connections, before +[Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md). The following operations are possible: - filtering out given rows; diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md index d76247028c..479accc851 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md @@ -20,32 +20,32 @@ associations. A connector is used to synchronize each of its entities and associations in Identity Manager's physical model. A connector is defined with: -- [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md); -- [ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md); -- [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and - [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) to link the entity types and +- [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md); +- [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md); +- [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and + [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) to link the entity types and associations to the corresponding files and columns containing the exported data from the managed system. ## Examples The following example creates a `HR` connector on the agent called `Local` previously declared by an -[ Agent ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) element. +[Agent](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) element. -We create the right [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) to use the connector as a -[ CSV ](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/csv/index.md)aiming to export HR CSV files into +We create the right [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) to use the connector as a +[CSV](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/csv/index.md)aiming to export HR CSV files into new CSV files in Identity Manager's format. -The [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) model the resources as `HR_Person` or +The [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) model the resources as `HR_Person` or `HR_Organization`, defining properties. -The [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) link the entity types to the source +The [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) link the entity types to the source files. -The [ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) creates a link between the two +The [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) creates a link between the two entity types. -The [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) links the association to +The [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) links the association to the source files. ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md index 3513a89dc6..90b4502757 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md @@ -6,10 +6,10 @@ sidebar_position: 60 # Entity Association Mapping -Contains all the [ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) that can be +Contains all the [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) that can be materialized in the Identity Manager physical model. An association mapping can be established between two properties of the same entity type mapping or between two properties of different entity -type mappings having the same connector. See the [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) topic to learn +type mappings having the same connector. See the [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) topic to learn how to configure an EntityAssociationMapping. ## Properties diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md index daf8d25b6c..df040b95b7 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md @@ -6,15 +6,15 @@ sidebar_position: 70 # Entity Type Mapping -An entity type mapping links a given [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s +An entity type mapping links a given [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s properties with the source columns of the corresponding managed system. The entity type mapping -specifies the related [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) and the path to the CSV source file which +specifies the related [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) and the path to the CSV source file which contains, or will contain, the data exported from the managed system. Each of its Entity Type Mapping properties will define the corresponding source column and specific options. An entity type mapping shares the same identifier as its related entity type. -See the example of a whole [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) containing an entity type mapping. +See the example of a whole [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) containing an entity type mapping. ## Properties @@ -32,7 +32,7 @@ See the example of a whole [ Connector ](/docs/identitymanager/6.2/integration-g ## Child Element: Property -Contains all the [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties that can be +Contains all the [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties that can be synchronized into Identity Manager physical model. Each mapping share the same id as its corresponding property in the entity type. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/index.md index 27837bebbb..5ec082b1ff 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/index.md @@ -6,11 +6,11 @@ sidebar_position: 20 # Connectors -- [ Agent ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) -- [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) -- [ Connection Table ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connectiontable/index.md) -- [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) +- [Agent](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) +- [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +- [Connection Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connectiontable/index.md) +- [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) - [Resource Type Mappings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/index.md) -- [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) -- [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) -- [ Password Reset Settings ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) +- [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +- [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +- [Password Reset Settings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md index 3e317c957d..e7e0d0353f 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md @@ -31,7 +31,7 @@ total, at least 8 lowercase characters, 4 uppercase characters, 2 digits and 2 s ``` - +**** ``` @@ -43,7 +43,7 @@ total, at least 8 lowercase characters, 4 uppercase characters, 2 digits and 2 s ``` - +**** ``` @@ -58,7 +58,7 @@ character. ``` - +**** ``` @@ -82,4 +82,4 @@ character. | NotificationCC optional | **Type** String **Description** Email address to set as CC recipient of all password reset notifications. | | NotifiedEmailBinding optional | **Type** Int64 **Description** Binding to the email address property of the person to be notified. | | NotifiedFullNameBinding optional | **Type** Int64 **Description** Binding to the full name property of the person to be notified. | -| StrengthCheck optional | **Type** String **Description** Regular expression (regex) that generated passwords must match, when `AutoGenerate` is set to `true`. **Note:** the strength of passwords set manually by users can be configured via [ Password Tests Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md). | +| StrengthCheck optional | **Type** String **Description** Regular expression (regex) that generated passwords must match, when `AutoGenerate` is set to `true`. **Note:** the strength of passwords set manually by users can be configured via [Password Tests Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md). | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/easyvistaresourcetypemapping/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/easyvistaresourcetypemapping/index.md index b325e1ed89..125377feba 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/easyvistaresourcetypemapping/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/easyvistaresourcetypemapping/index.md @@ -27,6 +27,6 @@ script in the command line. | Description optional | String | File path of the template used for the generation of the ticket description. | | ImpactId optional | String | [Impact](https://wiki.easyvista.com/xwiki/bin/view/Documentation/Service%20Manager%20-%20All%20Menus/References%20Tables/#impact) of the ticket. | | SeverityId optional | String | [Severity level](https://wiki.easyvista.com/xwiki/bin/view/Documentation/Service%20Manager%20-%20All%20Menus/References%20Tables/#severity-level) of the ticket. | -| TicketSynchroIsNotAvailable default value: false | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketSynchroIsNotAvailable default value: false | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | | Title optional | String | File path of the template used for the generation of the ticket title. | | UrgencyId optional | String | [Urgency level](https://wiki.easyvista.com/xwiki/bin/view/Documentation/Service%20Manager%20-%20All%20Menus/References%20Tables/#urgency-level) of the ticket. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md index c3fc03a3f8..2585168e26 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md @@ -22,4 +22,4 @@ script in the command line. | Property | Type | Description | | ------------------------------------ | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Connection required | String | Identifier of the corresponding connection. | -| TicketSynchroIsNotAvailable optional | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketSynchroIsNotAvailable optional | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/servicenowresourcetypemapping/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/servicenowresourcetypemapping/index.md index e540738608..576e3872ab 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/servicenowresourcetypemapping/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/servicenowresourcetypemapping/index.md @@ -34,10 +34,10 @@ script in the command line. | Connection required | String | Identifier of the corresponding connection. | | DefaultObjectClass optional | String | Default object class used by the provisioner, for example person, organizationalPerson, and user, etc. Multiple default object classes are separated with
. | | PasswordResetSetting optional | String | Identifier of the corresponding password reset setting. | -| TicketAdditionalInformation optional | String | Information to add at the end of the description for all tickets created for this resource type. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketCallerId optional | String | Attribute that corresponds to the identifier of the "caller" person in ServiceNow. Required when using the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketCategory optional | String | Category in which new tickets will be created in ServiceNow for this resource type. **NOTE:** Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketImpact default value: Low | TicketImpact | Impact of the ticket in ServiceNow: Low; Medium; or High. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketSubCategory optional | String | Subcategory in which new tickets will be created in ServiceNow for this resource type. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketSynchroIsNotAvailable default value: false | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketUrgency default value: Low | TicketUrgency | Urgency of the ticket in ServiceNow: Low; Medium; High. **NOTE:** Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketAdditionalInformation optional | String | Information to add at the end of the description for all tickets created for this resource type. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketCallerId optional | String | Attribute that corresponds to the identifier of the "caller" person in ServiceNow. Required when using the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketCategory optional | String | Category in which new tickets will be created in ServiceNow for this resource type. **NOTE:** Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketImpact default value: Low | TicketImpact | Impact of the ticket in ServiceNow: Low; Medium; or High. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketSubCategory optional | String | Subcategory in which new tickets will be created in ServiceNow for this resource type. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketSynchroIsNotAvailable default value: false | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketUrgency default value: Low | TicketUrgency | Urgency of the ticket in ServiceNow: Low; Medium; High. **NOTE:** Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/index.md index b30b71b9fc..3160d180e2 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/index.md @@ -13,16 +13,16 @@ same. ## Family Entity Listing -- [ Access Certification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/index.md) -- [ Connectors ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/index.md) -- [ Configuration ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/index.md) -- [ User Interface ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/index.md) -- [ Jobs ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/index.md) -- [ Metadata ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/index.md) -- [ Notifications ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/index.md) -- [ Provisioning ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/index.md) -- [ Reporting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/index.md) -- [ Resources ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/index.md) -- [ Access Certification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/index.md) -- [ Business Intelligence ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/index.md) -- [ Workflows ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/index.md) +- [Access Certification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/index.md) +- [Connectors](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/index.md) +- [Configuration](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/index.md) +- [User Interface](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/index.md) +- [Jobs](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/index.md) +- [Metadata](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/index.md) +- [Notifications](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/index.md) +- [Provisioning](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/index.md) +- [Reporting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/index.md) +- [Resources](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/index.md) +- [Access Certification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-certification/index.md) +- [Business Intelligence](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/index.md) +- [Workflows](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/index.md index 7503bb10c8..14ccac8aaf 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/index.md @@ -9,7 +9,7 @@ sidebar_position: 50 A job is defined via the `Job` tag to orchestrate tasks together, in order to perform specific actions. -All [ Tasks ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) types are child elements of jobs. +All [Tasks](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) types are child elements of jobs. -- [ Job ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) -- [ Tasks ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) +- [Job](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/job/index.md) +- [Tasks](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md index 99568ffc3d..9f9dcef102 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md @@ -14,7 +14,7 @@ An activity Instance can have at most 20 actors. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md index 4981de4746..1306fb149d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md @@ -16,7 +16,7 @@ For every **EntityType**, a matching SQL view is created from the UR_Resource ta ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md index d1117febf6..dbe2b5d023 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md @@ -17,7 +17,7 @@ changes in ServiceNow. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/index.md index e52b700508..27ae33a3b5 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/index.md @@ -6,33 +6,33 @@ sidebar_position: 10 # Agent Tasks -- [ Activity Instance Actor Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md) +- [Activity Instance Actor Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md) Update the Actors for the workflows instances. -- [ Create Database Views Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md) +- [Create Database Views Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md) Generates entity model SQL views in the Identity Manager database. -- [ Export Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) +- [Export Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) Runs the specified connection's export. -- [ Fulfill Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md) +- [Fulfill Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md) Retrieves provisioning orders from the informed connector generated by GenerateProvisioningOrdersTask to make changes in a system. Instead of a connector it is possible to launch it with a list of TaskResourceTypes. -- [ Invoke Api Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeapitask/index.md) +- [Invoke Api Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeapitask/index.md) Tool to launch any Identity Manager API. -- [ Invoke Aspects Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeaspectstask/index.md) +- [Invoke Aspects Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeaspectstask/index.md) Call specific api in Identity Manager. -- [ Invoke Expression Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) +- [Invoke Expression Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) Launches on agent side a powershell script given as input. @@ -41,6 +41,6 @@ sidebar_position: 10 Takes as input an SQL file or an SQL command to output several CSV files that can be used by the collection. -- [ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +- [Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) Cleanses exported CSV files. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md index d40c6f5334..694920a100 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md @@ -12,7 +12,7 @@ Launches on agent side a powershell script given as input. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokesqlcommandtask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokesqlcommandtask/index.md index cf62dc1527..aa504bd2e5 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokesqlcommandtask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokesqlcommandtask/index.md @@ -18,10 +18,13 @@ script in the command line. ``` -**NOTE:** The database Identifier attribute has a specific location where the connection strings for +:::note +The database Identifier attribute has a specific location where the connection strings for the database identifiers need to be defined. See the [appsettings.agent](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md)topic for additional information. +::: + ## Properties diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md index dc03c579c8..26f50cf058 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md @@ -18,8 +18,8 @@ for additional information. The following actions are performed on the _CSV source files_: 1. Remove columns that are not used in - [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or - [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). + [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or + [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). 2. Remove entries that have a null primary key. 3. Remove duplicates. 4. Sort entries according to the primary key. @@ -29,8 +29,8 @@ The result of the _Prepare-Synchronization_ is stored in the as three files: - For every entity type of the relevant _Connector_ involved in an - [ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)> or an - [ Entity Association Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), a + [Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)> or an + [Entity Association Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), a `.sorted.csv` file is generated, containing the final, cleansed and sorted result. - Duplicates are kept in a separate `.duplicates.csv` file. - Null primary key entries are kept in a separate `.nullpk.csv` file. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md index b2eed913a9..860fd6a022 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md @@ -8,33 +8,33 @@ sidebar_position: 20 - [Agent Tasks](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/index.md) -- [ Activity Instance Actor Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md) +- [Activity Instance Actor Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md) Update the Actors for the workflows instances. -- [ Create Database Views Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md) +- [Create Database Views Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md) Generates entity model SQL views in the Identity Manager database. -- [ Export Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) +- [Export Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) Runs the specified connection's export. -- [ Fulfill Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md) +- [Fulfill Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md) Retrieves provisioning orders from the informed connector generated by GenerateProvisioningOrdersTask to make changes in a system. Instead of a connector it is possible to launch it with a list of TaskResourceTypes. -- [ Invoke Api Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeapitask/index.md) +- [Invoke Api Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeapitask/index.md) Tool to launch any Identity Manager API. -- [ Invoke Aspects Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeaspectstask/index.md) +- [Invoke Aspects Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeaspectstask/index.md) Call specific api in Identity Manager. -- [ Invoke Expression Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) +- [Invoke Expression Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) Launches on agent side a powershell script given as input. @@ -43,37 +43,37 @@ sidebar_position: 20 Takes as input an SQL file or an SQL command to output several CSV files that can be used by the collection. -- [ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +- [Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) Cleanses exported CSV files. -- [ Server Tasks ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md) +- [Server Tasks](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md) -- [ Build Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) +- [Build Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) Applies the role naming rules, i.e. generates single roles and navigation rules based on resources matching a given pattern. -- [ Compute Correlation Keys Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) +- [Compute Correlation Keys Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) The Compute Role Model correlation keys will pre-calculate all the keys needed by the Compute Role Model to match the resources. -- [ Compute Risk Scores Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computeriskscorestask/index.md) +- [Compute Risk Scores Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computeriskscorestask/index.md) Update risk score with the risk settings. -- [ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +- [Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) The Compute Role Model will calculate the role model of all whose EntityTypes sources are included in the list of EntityTypes given in the start of this job. -- [ Deploy Configuration Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) +- [Deploy Configuration Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) From a folder, retrieves all configuration xml files to calculate the configuration items to insert, update or delete. -- [ Fulfill Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md) +- [Fulfill Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md) Retrieves provisioning orders from the informed connector generated by GenerateProvisioningOrdersTask to make changes in a system. Instead of a connector it is @@ -84,89 +84,89 @@ sidebar_position: 20 The provisioning task will recover all resources whose provisioningState is at 1 to build a list of JSON files containing all provisioning orders. -- [ Get Role Mining Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) +- [Get Role Mining Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise. In a business setting, roles are defined according to job competency, authority and responsibility. -- [ Get Role Mining Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) -- [ Invoke Expression Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md) +- [Get Role Mining Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) +- [Invoke Expression Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md) Launches on agent side a powershell script given as input. -- [ Invoke Sql Command Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md) +- [Invoke Sql Command Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md) Takes as input an SQL file or an SQL command to output several CSV files that can be used by the collection. -- [ Maintain Indexes Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md) +- [Maintain Indexes Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md) Index maintenance and statistics update for all database tables. -- [ Manage Configuration Indexes Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/manageconfigurationindexestask/index.md) +- [Manage Configuration Indexes Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/manageconfigurationindexestask/index.md) Manage indexes for items from configuration. -- [ Process Access Certification Items Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/processaccesscertificationitemstask/index.md) +- [Process Access Certification Items Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/processaccesscertificationitemstask/index.md) Process decisions on access certification items. -- [ Reset Valid From Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md) +- [Reset Valid From Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md) Initialize historization tables by setting each entity's first record `ValidFrom` value to 0001-01-01 00:00:00.00. -- [ Save Pre-Existing Access Rights Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) +- [Save Pre-Existing Access Rights Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) During an initial installation of Identity Manager, data normally provided by Identity Manager or through a derogation in the User Interface is already present in the application system. -- [ Send Access Certification Notification Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendaccesscertificationnotificationtask/index.md) +- [Send Access Certification Notification Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendaccesscertificationnotificationtask/index.md) Notify assigned users having pending access certification items in campaign marked with `NotificationNeeded`. -- [ Send Notifications Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) +- [Send Notifications Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) Task that sends a notification to each configured recipient. -- [ Send Role Model Notifications Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendrolemodelnotificationstask/index.md) +- [Send Role Model Notifications Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendrolemodelnotificationstask/index.md) Task that sends a notification to all users who have pending roles to review, only for roles with a simple approval workflow, i.e. pending the validation 1 out of 1. -- [ Set Access Certification Reviewer Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md) +- [Set Access Certification Reviewer Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md) Assign access certification items to users according to their profiles and the access control rules. -- [ Set Internal User Profiles Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +- [Set Internal User Profiles Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) Will execute the profile rules of the different resource types given in parameters to create, modify or delete profiles in automatic mode. -- [ Set Recently Modified Flag Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) +- [Set Recently Modified Flag Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) When synchronizing in full or incremental mode, it is possible to optimize the compute performance of the role model by taking into account only the changes made by the synchronization. -- [ Synchronize Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) +- [Synchronize Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) Retrieves the files generated by the prepare-synchronization task to insert the data into the Identity Manager database. -- [ Update Access Certification Campaign Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md) +- [Update Access Certification Campaign Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md) Starts or stops the access certification campaigns according to their `StartDate` and `EndDate`. -- [ Update Classification Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) +- [Update Classification Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) Classifies a list of resources that are part of the resourceType data targets as an argument to this job. -- [ Update Entity Property Expressions Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) +- [Update Entity Property Expressions Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) Calculates either for all entities or for a list of entities the expressions and inserts the values in the database. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md index c6d16dda66..7b2dd6d073 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md @@ -6,8 +6,8 @@ sidebar_position: 10 # Build Role Model Task -Applies the [ Role Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md), also named -[ Create Roles in Bulk ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md), +Applies the [Role Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md), also named +[Create Roles in Bulk](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md), i.e. generates single roles and navigation rules based on resources matching a given pattern. > For example, this task can transform AD groups with a special naming convention into roles. @@ -18,7 +18,7 @@ The following example applies all role naming rules linked to the AD connector. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md index bf07194e52..c29b3827fe 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md @@ -13,7 +13,7 @@ Model to match the resources. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md index 53ba20fffd..3beaae538d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md @@ -13,7 +13,7 @@ update or delete. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md index 58cfe3cecd..e1f90a32a7 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md @@ -17,7 +17,7 @@ changes in ServiceNow. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md index 9dcd8ed574..033755aacc 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md @@ -19,7 +19,7 @@ SingleRoles and CompositesRoles and set it up in the system. ``` - +** ** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md index 0e7909b6c5..e2b564090a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md @@ -6,31 +6,31 @@ sidebar_position: 20 # Server Tasks -- [ Build Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) +- [Build Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) Applies the role naming rules, i.e. generates single roles and navigation rules based on resources matching a given pattern. -- [ Compute Correlation Keys Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) +- [Compute Correlation Keys Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) The Compute Role Model correlation keys will pre-calculate all the keys needed by the Compute Role Model to match the resources. -- [ Compute Risk Scores Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computeriskscorestask/index.md) +- [Compute Risk Scores Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computeriskscorestask/index.md) Update risk score with the risk settings. -- [ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +- [Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) The Compute Role Model will calculate the role model of all whose EntityTypes sources are included in the list of EntityTypes given in the start of this job. -- [ Deploy Configuration Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) +- [Deploy Configuration Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) From a folder, retrieves all configuration xml files to calculate the configuration items to insert, update or delete. -- [ Fulfill Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md) +- [Fulfill Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md) Retrieves provisioning orders from the informed connector generated by GenerateProvisioningOrdersTask to make changes in a system. Instead of a connector it is @@ -41,88 +41,88 @@ sidebar_position: 20 The provisioning task will recover all resources whose provisioningState is at 1 to build a list of JSON files containing all provisioning orders. -- [ Get Role Mining Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) +- [Get Role Mining Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise. In a business setting, roles are defined according to job competency, authority and responsibility. -- [ Invoke Expression Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md) +- [Invoke Expression Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md) Launches on agent side a powershell script given as input. -- [ Invoke Sql Command Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md) +- [Invoke Sql Command Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md) Takes as input an SQL file or an SQL command to output several CSV files that can be used by the collection. -- [ Maintain Indexes Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md) +- [Maintain Indexes Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md) Index maintenance and statistics update for all database tables. -- [ Manage Configuration Indexes Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/manageconfigurationindexestask/index.md) +- [Manage Configuration Indexes Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/manageconfigurationindexestask/index.md) Manage indexes for items from configuration. -- [ Process Access Certification Items Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/processaccesscertificationitemstask/index.md) +- [Process Access Certification Items Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/processaccesscertificationitemstask/index.md) Process decisions on access certification items. -- [ Reset Valid From Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md) +- [Reset Valid From Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md) Initialize historization tables by setting each entity's first record `ValidFrom` value to 0001-01-01 00:00:00.00. -- [ Save Pre-Existing Access Rights Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) +- [Save Pre-Existing Access Rights Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) During an initial installation of Identity Manager, data normally provided by Identity Manager or through a derogation in the User Interface is already present in the application system. -- [ Send Access Certification Notification Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendaccesscertificationnotificationtask/index.md) +- [Send Access Certification Notification Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendaccesscertificationnotificationtask/index.md) Notify assigned users having pending access certification items in campaign marked with `NotificationNeeded`. -- [ Send Notifications Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) +- [Send Notifications Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) Task that sends a notification to each configured recipient. -- [ Send Role Model Notifications Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendrolemodelnotificationstask/index.md) +- [Send Role Model Notifications Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendrolemodelnotificationstask/index.md) Task that sends a notification to all users who have pending roles to review, only for roles with a simple approval workflow, i.e. pending the validation 1 out of 1. -- [ Set Access Certification Reviewer Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md) +- [Set Access Certification Reviewer Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md) Assign access certification items to users according to their profiles and the access control rules. -- [ Set Internal User Profiles Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +- [Set Internal User Profiles Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) Will execute the profile rules of the different resource types given in parameters to create, modify or delete profiles in automatic mode. -- [ Set Recently Modified Flag Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) +- [Set Recently Modified Flag Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) When synchronizing in full or incremental mode, it is possible to optimize the compute performance of the role model by taking into account only the changes made by the synchronization. -- [ Synchronize Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) +- [Synchronize Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) Retrieves the files generated by the prepare-synchronization task to insert the data into the Identity Manager database. -- [ Update Access Certification Campaign Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md) +- [Update Access Certification Campaign Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md) Starts or stops the access certification campaigns according to their `StartDate` and `EndDate`. -- [ Update Classification Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) +- [Update Classification Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) Classifies a list of resources that are part of the resourceType data targets as an argument to this job. -- [ Update Entity Property Expressions Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) +- [Update Entity Property Expressions Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) Calculates either for all entities or for a list of entities the expressions and inserts the values in the database. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md index 5c3d1a7e58..0d55eba4d0 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md @@ -12,7 +12,7 @@ Launches on agent side a powershell script given as input. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md index f452fdc119..696f1eda50 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md @@ -12,7 +12,7 @@ Maintain indexes and update statistics for all database tables. Also cleans up d ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md index c1c2465a6b..60ceabc731 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md @@ -13,7 +13,7 @@ Initialize historization tables by setting each entity's first record `ValidFrom ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md index 92c949940c..8ab093a230 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md @@ -23,7 +23,7 @@ the past. This update affects the following properties: ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md index d5d1d43533..f28b35ae30 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md @@ -7,7 +7,7 @@ sidebar_position: 170 # Send Notifications Task Task that sends all the custom notifications defined by the -[ Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notification/index.md) XML tag. +[Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notification/index.md) XML tag. ## Examples @@ -17,7 +17,7 @@ notifications concerning the `Directory_User` entity type. ``` - +** ** Knowing that we have for example: diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md index 1cde7c8745..e6618d4434 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md @@ -12,7 +12,7 @@ Assign access certification items to users according to their profiles and the a ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md index 992258e821..18d4b33d2d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md @@ -9,7 +9,7 @@ sidebar_position: 200 Will execute the profile rules of the different resource types given in parameters to create, modify or delete profiles in automatic mode. -It is necessary to set up [ Profile Context ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md) as +It is necessary to set up [Profile Context](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md) as well as [Profile Rule Context](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md) to be able to use this job. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md index 2b8a5515fa..aa61b5dd78 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md @@ -9,12 +9,12 @@ sidebar_position: 210 When synchronizing in full or incremental mode, it is possible to optimize the compute performance of the role model by taking into account only the changes made by the synchronization. This optimization is based on the `dirty` property of the entity -[ Resource ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/resource/index.md). The task -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) with option `dirty` set to `true` will +[Resource](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/resource/index.md). The task +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) with option `dirty` set to `true` will treat only resources marked as dirty. This task is used to set the `dirty` flag on all resources based on -[ Resources ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/index.md)Change, Resource Link Change and Resource File Change +[Resources](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/index.md)Change, Resource Link Change and Resource File Change entities. After this, it clears this changes tables. This task works correctly only if **previous synchronization tasks have not cleared the change @@ -24,7 +24,7 @@ tables** (option `DoNotDeleteChanges` set to `true`). ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md index b2cea9880f..825edf4677 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md @@ -7,20 +7,20 @@ sidebar_position: 220 # Synchronize Task Retrieves the files generated by the -[ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) to +[Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) to insert the data into the Identity Manager database. For more information on how the Synchronization works, see -[ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md). +[Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md). Collection must be done by the -[ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md). +[Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md). ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md index b2f02e0f24..142b60bd7d 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md @@ -14,7 +14,7 @@ Filter and Access Certification Owner Filter), and fill the database with them. ``` - < +**<** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md index fdcef0d4cd..29671b7cbe 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md @@ -15,7 +15,7 @@ You must set up the ResourceClassificationRule on resourceTypes to be able to us ``` - +** ** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md index 2cdc9ae8be..00f5848e6c 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md @@ -13,7 +13,7 @@ in the database. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md index ed92774991..8601746941 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md @@ -6,7 +6,7 @@ sidebar_position: 30 # Dimension -A dimension is an [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) used to define an organizational filter +A dimension is an [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) used to define an organizational filter for the Identity Manager role model. ## Examples @@ -17,7 +17,7 @@ store the dimension value in the assignment rule tables. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md index 62f6e9f0d1..7292e3b85e 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md @@ -7,7 +7,7 @@ sidebar_position: 40 # Entity Association An entity association is used to model an association in Identity Manager's metadata. See the -[ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)topic for additional information on a whole +[Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)topic for additional information on a whole connector with its entity properties and associations. ## Examples @@ -30,7 +30,7 @@ several users, and one user to several groups. ``` - +**** ``` @@ -42,5 +42,5 @@ several users, and one user to several groups. | Identifier required | **Type** String **Description** Unique identifier of the association. It must be unique to the entity model scope. | | IsProperty1Collection default value: false | **Type** Boolean **Description** `true` to define a many-to-one association. | | IsProperty2Collection default value: false | **Type** Boolean **Description** `true` to define a one-to-many association. | -| Property1 required | **Type** Int64 **Description** Defines the first navigation property. A navigation property can be mono-valued or multi-valued (with its corresponding `IsPropertyCollection` set to `true`). Mono-valued navigation properties may be optimized (with a `TargetColumnIndex`) or not (without `TargetColumnIndex`). See more details under the TargetColumnIndex section of the [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties page. | +| Property1 required | **Type** Int64 **Description** Defines the first navigation property. A navigation property can be mono-valued or multi-valued (with its corresponding `IsPropertyCollection` set to `true`). Mono-valued navigation properties may be optimized (with a `TargetColumnIndex`) or not (without `TargetColumnIndex`). See more details under the TargetColumnIndex section of the [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties page. | | Property2 required | **Type** Int64 **Description** Defines the second navigation property. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md index 24efb2589c..a2f7ed81c1 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md @@ -7,7 +7,7 @@ sidebar_position: 60 # Entity Type Represents a conceptual model of a business object, such as a person entity or an organization -entity. See the [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)topic for additional information +entity. See the [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)topic for additional information on how to configure define an EntityType. ## Properties @@ -15,7 +15,7 @@ on how to configure define an EntityType. | Property | Details | | ----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | DisplayName_L1 optional | **Type** String **Description** Display name of the entity type in language 1 (up to 16). | -| Identifier required | **Type** String **Description** Unique identifier of the entity type. It must is be unique to the _entity model_ scope. Cannot be [ Reserved identifiers ](/docs/identitymanager/6.2/integration-guide/toolkit/reservedidentifiers/index.md). | +| Identifier required | **Type** String **Description** Unique identifier of the entity type. It must is be unique to the _entity model_ scope. Cannot be [Reserved identifiers](/docs/identitymanager/6.2/integration-guide/toolkit/reservedidentifiers/index.md). | | LicenseTag optional | **Type** String **Description** Value of the `Tag` parameter of the license key (in `appsettings.json`) linked to the entity type. All the features allowed by the license key are enabled for this entity type, otherwise only default features are available. | | TableName optional | **Type** String **Description** Represents the table name of hard coded entity types. Exclusively reserved to Identity Manager connector for Power BI. | @@ -55,7 +55,7 @@ For example, the below `Dimension1` attribute references a _Title_ entity by its ``` - +**** ``` @@ -76,7 +76,7 @@ queries directly in the database before deploying the configuration. | FlexibleComparisonExpression optional | **Type** String **Description** Expression used to transform the query input value for comparison using a flexible operator. | | GroupByProperty optional | **Type** Int64 **Description** Property used to regroup navigation resources (resources used in navigation rules) by value. When defined, the Evaluate policy will enforce that one and only one item of a group can be assigned to an identity on a given date range. **Warning:** whenever the value of this property changes for a resource used in the defined navigation rules, the server needs to be restarted in order for the changes to be taken into account. | | HistoryPrecision default value: 0 | **Type** Int32 **Description** Defines the number of minutes to wait, after a property change, before triggering the record history mechanism. | -| Identifier required | **Type** String **Description** Unique identifier of the property. It must be unique to the parent entity type scope. Cannot be a [ Reserved identifiers ](/docs/identitymanager/6.2/integration-guide/toolkit/reservedidentifiers/index.md) and can only contain numbers (except the first character) and letters without accents. **Note:** cannot be "Id". | +| Identifier required | **Type** String **Description** Unique identifier of the property. It must be unique to the parent entity type scope. Cannot be a [Reserved identifiers](/docs/identitymanager/6.2/integration-guide/toolkit/reservedidentifiers/index.md) and can only contain numbers (except the first character) and letters without accents. **Note:** cannot be "Id". | | IsKey default value: false | **Type** Boolean **Description** `true` if the property is designated to be one of the keys that uniquely identify any resource from the entity type in the configuration. Each entity type must have at least one key. **Note:** AD synchronization requires the `dn` property to have either `IsKey` or `EntityTypeMapping` > `Property` > `IsUniqueKey` set to `true` (key property in the UI). | | Language optional | **Type** Int64 **Description** Language associated to the property if it is localized (optional). | | NeutralProperty optional | **Type** Int64 **Description** Neutral property associated to the property if it is localized (optional). | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/index.md index 2e9dad008a..d4664adfc6 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/index.md @@ -6,11 +6,11 @@ sidebar_position: 60 # Metadata -- [ Access Control Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/accesscontrolentitytype/index.md) -- [ Binding ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) -- [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) -- [ Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) -- [ Entity Property Expression ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) -- [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) -- [ Language ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/language/index.md) -- [ Settings ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/index.md) +- [Access Control Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/accesscontrolentitytype/index.md) +- [Binding](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) +- [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) +- [Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +- [Entity Property Expression](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) +- [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +- [Language](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/language/index.md) +- [Settings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/language/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/language/index.md index 1db2b6db37..fb26e8816b 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/language/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/language/index.md @@ -14,7 +14,7 @@ The following example declares a new language. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md index dff286a9bd..ee0ae469d0 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md @@ -12,7 +12,7 @@ Used to track the current configuration version. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/index.md index ece971e202..5eea2a67b0 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/index.md @@ -10,35 +10,35 @@ sidebar_position: 80 This setting is used to customize the application display. -- [ Configuration Version Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md) +- [Configuration Version Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md) Used to track the current configuration version. -- [ Custom Link 1 Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/customlink1setting/index.md) +- [Custom Link 1 Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/customlink1setting/index.md) Used to display a given static HTML file to a custom URL address. -- [ Custom Link 2 Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/customlink2setting/index.md) +- [Custom Link 2 Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/customlink2setting/index.md) Used to display a given static HTML file to a custom URL address. -- [ Dashboard Item Number Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/dashboarditemnumbersetting/index.md) +- [Dashboard Item Number Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/dashboarditemnumbersetting/index.md) Used to customize the number of links to display on each section on the Dashboard. If no value is defined, the default value is 3. The value must be greater than 0 and less than or equal to 5. -- [ Mail Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md) -- [ Password Generation Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/passwordgenerationsetting/index.md) -- [ Password Tests Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md) +- [Mail Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md) +- [Password Generation Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/passwordgenerationsetting/index.md) +- [Password Tests Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md) This setting enables a check on the passwords set manually by users. -- [ Scheduling Clean Database Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/schedulingcleandatabasesetting/index.md) +- [Scheduling Clean Database Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/schedulingcleandatabasesetting/index.md) If the default value for the Task CleanDataBase needs to be overridden. -- [ Select All Performed by Association Query Handler Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md) +- [Select All Performed by Association Query Handler Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md) This setting enables task delegation to a group of people. @@ -46,6 +46,6 @@ sidebar_position: 80 This setting is used to filter the entity type used by authentication mechanism. -- [ Select User by Identity Query Handler Setting ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md) +- [Select User by Identity Query Handler Setting](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md) This attribute matches an end-user with a resource from the unified resource repository. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md index 29d57f8972..0fffce5572 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md @@ -13,7 +13,7 @@ the email addresses contained by the `Email` property. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md index 5098209fce..59793446d1 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md @@ -9,7 +9,7 @@ sidebar_position: 80 This setting enables a check on the passwords set manually by users. The strength of passwords generated by Identity Manager can be configured via -[ Password Reset Settings ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) StrengthCheck. +[Password Reset Settings](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) StrengthCheck. ## Examples @@ -18,7 +18,7 @@ including at least one digit, one lowercase letter, one uppercase and one specia ``` - +**** ``` @@ -27,4 +27,17 @@ including at least one digit, one lowercase letter, one uppercase and one specia | Property | Details | | --------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Identifier default value: PasswordTests | **Type** String **Description** Unique identifier of the setting. | -| PasswordRegex optional | **Type** String **Description** Regular expression(s) (regex) that users' passwords must match to be acceptable when set manually. When setting several regex, passwords must match all of them to be considered strong, and 70% to be considered average. Below that, a password is considered weak and cannot be confirmed. **Default value:**`'^..*$', '^...*$', '^....*$', '^.....*$', '^......*$', '^.......*$', '^........*$', '^.........*$', '^..........*$', '^.*[0-9].*$', '^.*[a-z].*$', '^.*[A-Z].*$', '^.*[^A-Za-z0-9].*$'` | +| PasswordRegex optional | **Type** String **Description** Regular expression(s) (regex) that users' passwords must match to be acceptable when set manually. When setting several regex, passwords must match all of them to be considered strong, and 70% to be considered average. Below that, a password is considered weak and cannot be confirmed. **Default value:**`'^..* +, '^...* +, '^....* +, '^.....* +, '^......* +, '^.......* +, '^........* +, '^.........* +, '^..........* +, '^.*[0-9].* +, '^.*[a-z].* +, '^.*[A-Z].* +, '^.*[^A-Za-z0-9].* +` | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md index 40d96d3079..5f1c5bfb3a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md @@ -12,7 +12,7 @@ This setting enables task delegation to a group of people. ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/index.md index e8d4d8f6d5..8326d4bb55 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/index.md @@ -6,6 +6,6 @@ sidebar_position: 70 # Notifications -- [ Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notification/index.md) -- [ Notifications (Typed) ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md) +- [Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notification/index.md) +- [Notifications (Typed)](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md) - [Notification Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notification/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notification/index.md index 2466f2fe16..7bc72d0ad8 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notification/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notification/index.md @@ -7,7 +7,7 @@ sidebar_position: 10 # Notification A notification can be configured to be sent to a given user on a regular basis at specified times, -through the [ Send Notifications Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) as +through the [Send Notifications Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) as part of a job. ## Examples diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md index c65203c87f..40d805f95a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md @@ -6,15 +6,15 @@ sidebar_position: 20 # Notifications (Typed) -- [ Access Certification Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/accesscertificationnotification/index.md) +- [Access Certification Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/accesscertificationnotification/index.md) Reminder notification concerning access certification. -- [ Manual Provisioning Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/manualprovisioningnotification/index.md) +- [Manual Provisioning Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/manualprovisioningnotification/index.md) Reminder notification concerning manual provisioning. -- [ Provisioning Review Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/provisioningreviewnotification/index.md) +- [Provisioning Review Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/provisioningreviewnotification/index.md) Reminder notification concerning provisioning review. @@ -22,6 +22,6 @@ sidebar_position: 20 Reminder notification concerning role model tasks. -- [ Role Review Notification ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/rolereviewnotification/index.md) +- [Role Review Notification](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notifications/rolereviewnotification/index.md) Reminder notification concerning role review. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md index 99a0b8e8ae..d9f60f8aef 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md @@ -14,7 +14,7 @@ Identity Manager natively sends notifications for usual cases. These native notifications are based on cshtml templates available inside the `Runtime` folder. If the provided templates do not meet your exact needs, then they can be replaced by personalized notification templates. See the -[ Native Notifications ](/docs/identitymanager/6.2/integration-guide/notifications/native/index.md)topic for additional information. +[Native Notifications](/docs/identitymanager/6.2/integration-guide/notifications/native/index.md)topic for additional information. ## Examples diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md index 90f2812941..46a58a76ac 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md @@ -41,7 +41,10 @@ There are distinct types of automation rules: `PolicyAutomationRule` is equivalent to `AutomationRule` with its `Type` set to `Policy`, and requires specifying the `Policy` and `EntityType` properties. -_Remember,_ Netwrix recommends always using the typed syntax. +:::tip +Remember, Netwrix recommends always using the typed syntax. +::: + For example, you should always use `SingleRoleAutomationRule`, rather than `AutomationRule` with `Type` set to `CompositeRole`. @@ -103,4 +106,4 @@ script in the command line. | ResourceType optional | Int64 | Identifier of the resource type targeted by the rule. | | SingleRole optional | Int64 | Identifier of the single role targeted by the rule. | | Type required | AutomationRuleType | Object type targeted by the rule. 0 - CompositeRole. 1 - SingleRole. 2 - ResourceType. 4 - Category. 5 - Policy. | -| WorkflowState default value: 0 | WorkflowState | Workflow state of the assignments targeted by the rule. `0` - **None**: used for Identity Manager's internal computation. `1` - **Non-conforming**: the assignment is not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) `3` - **Pre-existing**: the assignment is not supported by a rule, and it existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) `4` - **Requested**: the assignment is requested via a workflow, but not yet added. **NOTE:** Usually displayed in workflows' summaries. ![Workflow State: Pending Approval - Requested](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/4_requested_v603.webp) `5` - **Calculated - Missing Parameters**: the assignment was done by a rule which does not specify at least one required parameter for the role. ![Workflow State: Calculated - Missing Parameters](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/5_calculatedmissingparameters_v603.webp) `8` - **Pending Approval**: the assignment must be reviewed manually by a knowledgeable user. ![Workflow State: Pending Approval](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/8_pendingapproval_v603.webp) `9` - **Pending Approval 1 of 2**: the assignment is pending the first approval on a two-step workflow. `10` - **Pending Approval 2 of 2**: the assignment is pending the second approval on a two-step workflow. `11` - **Pending Approval 1 of 3**: the assignment is pending the first approval on a three-step workflow. `12` - **Pending Approval 2 of 3**: the assignment is pending the second approval on a three-step workflow. `13` - **Pending Approval 3 of 3**: the assignment is pending the third approval on a three-step workflow. `16` - **Approved**: the assignment has completed all approval steps. ![Workflow State: Approved](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `17` - **Declined**: the assignment is explicitly declined during one of the approval steps. ![Workflow State: Declined](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/17_declined_v603.webp) `18` - **Calculated**: the assignment is given by one of Identity Manager's rules. ![Workflow State: Calculated](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/18_calculated_v603.webp) `19` - **Inactive**: the assignment has expired and is not yet removed. Does not appear in the UI. `20` - **Cancellation**: the assignment is inferred by a role that was declined. See the [ Reconcile a Property ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. ![Workflow State: Cancellation](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/20_cancellation_v603.webp) `21` - **Suggested**: the assignment comes from a rule of type `Suggested` and appears among suggested permissions in the owner's permission basket. See the [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Suggested](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/21_suggested_v603.webp) `22` - **Suggested**: the assignment comes from a rule of type `Automatic but with Validation` and appears among suggested permissions for a pre-existing user. See the [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. _Remember,_ the states `21` and `22` are both displayed in the UI as **Suggested** but they do not mean the exact same thing. `23` - **Automatic but with Validation**: the assignment comes from a rule of type `Automatic but with Validation` and appears in a new user's permission basket. See the [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. `24` - **Approved - Questioned**: the assignment was approved manually, then a change has been made in the assignment's source data via one of Identity Manager's workflows that should change the assignment but the manual approval is authoritative. See the [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. ![Workflow State: Approved - Questioned](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/24_approvedquestioned_v603.webp) `25` - **Pending Approval - Risk**: the assignment must be reviewed due to a risk. ![Workflow State: Pending Approval (Risk)](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/25_pendingapprovalrisk_v603.webp) `26` - **Blocked**: the assignment is blocked due to a risk of type `Blocking`. Does not appear in the UI. `27` - **Prolonged**: the assignment has expired but it was set with a grace period. See the [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Prolonged](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/27_prolonged_v603.webp) `116` - **Approved - Risk**: the assignment is approved despite a risk. ![Workflow State: Approved (Risk)](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `118` - **Given by a Role**: the assignment comes from the assignment of a role. For example, when a user is assigned a SAP entitlement without having a SAP account, the account is created automatically with this state. ![Workflow State: Given by a Role](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/118_givenbyarole_v603.webp) **Found** - Will match assignments not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) **Historic** - Will match assignments not supported by a rule, which existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) | +| WorkflowState default value: 0 | WorkflowState | Workflow state of the assignments targeted by the rule. `0` - **None**: used for Identity Manager's internal computation. `1` - **Non-conforming**: the assignment is not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) `3` - **Pre-existing**: the assignment is not supported by a rule, and it existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) `4` - **Requested**: the assignment is requested via a workflow, but not yet added. **NOTE:** Usually displayed in workflows' summaries. ![Workflow State: Pending Approval - Requested](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/4_requested_v603.webp) `5` - **Calculated - Missing Parameters**: the assignment was done by a rule which does not specify at least one required parameter for the role. ![Workflow State: Calculated - Missing Parameters](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/5_calculatedmissingparameters_v603.webp) `8` - **Pending Approval**: the assignment must be reviewed manually by a knowledgeable user. ![Workflow State: Pending Approval](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/8_pendingapproval_v603.webp) `9` - **Pending Approval 1 of 2**: the assignment is pending the first approval on a two-step workflow. `10` - **Pending Approval 2 of 2**: the assignment is pending the second approval on a two-step workflow. `11` - **Pending Approval 1 of 3**: the assignment is pending the first approval on a three-step workflow. `12` - **Pending Approval 2 of 3**: the assignment is pending the second approval on a three-step workflow. `13` - **Pending Approval 3 of 3**: the assignment is pending the third approval on a three-step workflow. `16` - **Approved**: the assignment has completed all approval steps. ![Workflow State: Approved](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `17` - **Declined**: the assignment is explicitly declined during one of the approval steps. ![Workflow State: Declined](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/17_declined_v603.webp) `18` - **Calculated**: the assignment is given by one of Identity Manager's rules. ![Workflow State: Calculated](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/18_calculated_v603.webp) `19` - **Inactive**: the assignment has expired and is not yet removed. Does not appear in the UI. `20` - **Cancellation**: the assignment is inferred by a role that was declined. See the [Reconcile a Property](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. ![Workflow State: Cancellation](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/20_cancellation_v603.webp) `21` - **Suggested**: the assignment comes from a rule of type `Suggested` and appears among suggested permissions in the owner's permission basket. See the [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Suggested](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/21_suggested_v603.webp) `22` - **Suggested**: the assignment comes from a rule of type `Automatic but with Validation` and appears among suggested permissions for a pre-existing user. See the [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. _Remember,_ the states `21` and `22` are both displayed in the UI as **Suggested** but they do not mean the exact same thing. `23` - **Automatic but with Validation**: the assignment comes from a rule of type `Automatic but with Validation` and appears in a new user's permission basket. See the [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. `24` - **Approved - Questioned**: the assignment was approved manually, then a change has been made in the assignment's source data via one of Identity Manager's workflows that should change the assignment but the manual approval is authoritative. See the [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. ![Workflow State: Approved - Questioned](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/24_approvedquestioned_v603.webp) `25` - **Pending Approval - Risk**: the assignment must be reviewed due to a risk. ![Workflow State: Pending Approval (Risk)](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/25_pendingapprovalrisk_v603.webp) `26` - **Blocked**: the assignment is blocked due to a risk of type `Blocking`. Does not appear in the UI. `27` - **Prolonged**: the assignment has expired but it was set with a grace period. See the [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Prolonged](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/27_prolonged_v603.webp) `116` - **Approved - Risk**: the assignment is approved despite a risk. ![Workflow State: Approved (Risk)](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `118` - **Given by a Role**: the assignment comes from the assignment of a role. For example, when a user is assigned a SAP entitlement without having a SAP account, the account is created automatically with this state. ![Workflow State: Given by a Role](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/118_givenbyarole_v603.webp) **Found** - Will match assignments not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) **Historic** - Will match assignments not supported by a rule, which existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md index fe045249a2..7aa50bf73e 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md @@ -31,7 +31,7 @@ script in the command line. ``` -     +**** ``` @@ -56,5 +56,5 @@ script in the command line. | MaxDuration optional | Int32 | Duration (in minutes) after which the role will be automatically revoked, if no earlier end date is specified. It impacts only the roles which are manually assigned after the maximum duration is set. Pre-assigned roles are not impacted. If no duration is set on the role, the `MaxDuration` of the associated policy is applied. If the `MaxDuration` is set to 0 on the role, it prevents the associated policy from applying its `MaxDuration` to it. | | Policy required | Int64 | Identifier of the policy that the role is part of. | | ProlongationWithoutApproval default value: 0 | ProlongationWithoutApproval | Indicates whether the role can be extended without any validation. `0` - Inherited: gets the value from the policy. `1` - Enabled. `2` - Disabled. | -| R0 default value: false | Boolean | `true` to set the dimension 0 (up to 3V following the [ Base32 Parameter Names ](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)) as a required parameter when assigning the role. | +| R0 default value: false | Boolean | `true` to set the dimension 0 (up to 3V following the [Base32 Parameter Names](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)) as a required parameter when assigning the role. | | Tags optional | String | Tags of the roles targeted by the campaign filter. The tag separator is ¤. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/context/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/context/index.md index 9566add479..143feeb5ad 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/context/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/context/index.md @@ -14,7 +14,7 @@ Contexts define the resources' scopes of responsibility. They are used during pr simplify the application of the role model's rules based on dimensions. See the -[ Identity Lifecycle: Joiners, Movers and Leavers ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/index.md) +[Identity Lifecycle: Joiners, Movers and Leavers](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/index.md) for additional information about context generation. ## Properties diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md index f4ee1df248..27a5141ef5 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md @@ -19,10 +19,10 @@ Without a context rule, automatic entitlements (assigned via the role model's ru deletion. See the -[ Identity Lifecycle: Joiners, Movers and Leavers ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/index.md) +[Identity Lifecycle: Joiners, Movers and Leavers](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/index.md) for additional information about context generation. -A context rule can be configured with [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) in situations +A context rule can be configured with [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) in situations where a user needs to be modeled by several contexts over time or simultaneously. Without record sections, a context rule can generate only one context per user. This means that @@ -100,7 +100,7 @@ user to be the maximum value of all their risk scores. ### Role mining Context rules also contain some parameters for -[ Perform Role Mining ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md). +[Perform Role Mining](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md). Users are distributed in a hypercube made of all dimensions, like in the following table (left) when we have only 2 dimensions, where for example `1`, `2`, `3`, etc. are users' possible locations, and @@ -168,16 +168,22 @@ The following example includes in certification campaigns only the resources tha ``` -**Note:** must be configured together with the other `ResourceCertificationComparison` properties. +:::note +must be configured together with the other `ResourceCertificationComparison` properties. +::: -**Note:** when not specified, certification items are defined by `ResourcesStartBinding` and + +:::note +when not specified, certification items are defined by `ResourcesStartBinding` and `ResourcesStartBinding`. +::: + ## Properties | Property | Details | | ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| B0 optional | **Type** Int64 **Description** Binding of the dimension 0 (up to 3V in [ Base32 Parameter Names ](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)). The dimension can then be used in rules to filter the rules' targets. | +| B0 optional | **Type** Int64 **Description** Binding of the dimension 0 (up to 3V in [Base32 Parameter Names](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)). The dimension can then be used in rules to filter the rules' targets. | | DisplayName_L1 required | **Type** String **Description** Display name of the context rule in language 1 (up to 16). | | ExcludeExpression optional | **Type** String **Description** C# expression that defines the resources to exclude from context generation, because they should not be part of the role model and provisioning calculations. See the [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) topic for additional information. | | Identifier required | **Type** String **Description** Unique identifier of the context rule. | @@ -188,10 +194,10 @@ The following example includes in certification campaigns only the resources tha | ResourceCertificationComparisonOperator optional | **Type** QueryComparisonOperator **Description** Operator of the comparison that specifies the resources to include in the related certification campaigns. **Note:** must be configured together with the other `ResourceCertificationComparison...` properties. **Note:** when not specified, certification items are defined by `ResourcesStartBinding` and `ResourcesStartBinding`. And when they are not specified either, there is no filtering, so all valid resources (those with `ValidTo` later than today's date) are included. | | ResourceCertificationComparisonValue optional | **Type** String **Description** Value to be compared to the value of `ResourcesCertificationComparisonBinding` in order to specify the resources to include in the related certification campaigns. **Note:** must be configured together with the other `ResourceCertificationComparison...` properties. **Note:** when not specified, certification items are defined by `ResourcesStartBinding` and `ResourcesStartBinding`. And when they are not specified either, there is no filtering, so all valid resources (those with `ValidTo` later than today's date) are included. | | ResourcesBinding optional | **Type** Int64 **Description** Binding that represents the entity type of the contexts to be created from the `SourceEntityType`. It can also be defined via `ResourcesExpression`. | -| ResourcesEndBinding optional | **Type** Int64 **Description** Binding of the date property among those from `ResourcesBinding` which specifies the end of validity for all [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesEndExpression`. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | -| ResourcesEndExpression optional | **Type** String **Description** Expression based on the `ResourcesBinding` entity type that defines the end of validity for all [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesEndBinding`. See the [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) topic for additional information. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | +| ResourcesEndBinding optional | **Type** Int64 **Description** Binding of the date property among those from `ResourcesBinding` which specifies the end of validity for all [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesEndExpression`. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | +| ResourcesEndExpression optional | **Type** String **Description** Expression based on the `ResourcesBinding` entity type that defines the end of validity for all [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesEndBinding`. See the [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) topic for additional information. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | | ResourcesExpression optional | **Type** String **Description** Expression based on `SourceEntityType` that defines the entity type of the contexts to be created. It can also be defined via `ResourcesBinding`. See the [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) topic for additional information. | -| ResourcesStartBinding optional | **Type** Int64 **Description** Binding of the date property among those from `ResourcesBinding` which specifies the beginning of validity for all [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesStartExpression`. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | -| ResourcesStartExpression optional | **Type** String **Description** Expression based on the `ResourcesBinding` entity type that defines the beginning of validity for all [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesStartBinding`. See the [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) topic for additional information. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | +| ResourcesStartBinding optional | **Type** Int64 **Description** Binding of the date property among those from `ResourcesBinding` which specifies the beginning of validity for all [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesStartExpression`. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | +| ResourcesStartExpression optional | **Type** String **Description** Expression based on the `ResourcesBinding` entity type that defines the beginning of validity for all [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesStartBinding`. See the [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) topic for additional information. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | | RiskFactorType optional | **Type** RiskFactorType **Description** Operator used to aggregate a user's risk scores together to compute the user's global risk score. `0` - **None**. `1` - **Max**: a user's final risk score is the maximum value among all their risk scores. `2` - **Average**: a user's final risk score is the average value of all their risk scores. | | SourceEntityType required | **Type** Int64 **Description** Identifier of the entity type of the parent resource. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/index.md index a3888bda01..efa4838950 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/index.md @@ -11,19 +11,19 @@ removing user permissions to systems, applications and databases based on the se - [Automation Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md) - Bulk Change -- [ Category ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) -- [ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) +- [Category](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) +- [Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) - [Composite Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md) -- [ Context ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/context/index.md) -- [ Context Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) -- [ Indirect Resource Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/indirectresourcerule/index.md) -- [ Mining Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) +- [Context](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/context/index.md) +- [Context Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) +- [Indirect Resource Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/indirectresourcerule/index.md) +- [Mining Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) - [Policy](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md) -- [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) -- [ Resource Classification Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) -- [ Resource Correlation Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +- [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) +- [Resource Classification Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) +- [Resource Correlation Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) - [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) -- [ Risk ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) -- [ Role Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) -- [ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) +- [Risk](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) +- [Role Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) +- [Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) - [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md index 3902a77383..a0401c5ae1 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md @@ -9,9 +9,9 @@ sidebar_position: 80 After roles are assigned to users, Identity Manager can use mining rules to perform role mining. Role mining means that Identity Manager analyzes existing assignments in order to suggest [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) which will assign -[ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) to certain users matching given criteria. +[Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) to certain users matching given criteria. -The [ Build Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) replaces the +The [Build Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) replaces the existing single role rules in the specified rule policy with the new generated ones. ## Examples diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md index ece95a7e3d..89d636ded5 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md @@ -22,8 +22,8 @@ script in the command line. All `ResourceType`, `SingleRole`, `CompositeRole` and `Category` must belong to a Policy. This is done by specifying the `Policy` attribute. See the [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md), -[ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md), [ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) and -[ Category ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) topics for additional information. +[Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md), [Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) and +[Category](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) topics for additional information. ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md index a09a65977e..ad6ba421ee 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md @@ -18,12 +18,12 @@ by more than one context over time, even simultaneously. This means that users c one contract, or position, at a time, and that data changes can be anticipated. See the -[ Position Change via Records ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md)for +[Position Change via Records](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md)for additional information on identity modeling. **Configuration recommendations:** -As record sections cannot be configured without a [ Context Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md), Netwrix +As record sections cannot be configured without a [Context Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md), Netwrix Identity Manager (formerly Usercube) recommends starting with the configuration of the context rule before configuring record sections. @@ -97,7 +97,7 @@ positions. The following example uses the contract start/end dates as default boundaries in users' validity period, instead of those from the default section. See the -[ Onboarding and Offboarding ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md) +[Onboarding and Offboarding](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md) topic for additional information. It may be because, for example, HR services do not enter an end date for the personal data of users on permanent contracts. So we prefer to use the start and end dates of their contracts. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md index 6b283b82fb..ffea1d4011 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md @@ -7,7 +7,7 @@ sidebar_position: 120 # Resource Correlation Rule A correlation rule is used to correlate the resources, i.e. link resources to their owners. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. ## Examples @@ -18,7 +18,7 @@ The following example creates an Active Directory correlation rule based on the ``` - +**** ``` diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md index 7cb573ec11..d0c3c92bf5 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md @@ -32,7 +32,7 @@ available for one type of action. As the configuration JSON file of an InternalW cannot contain expressions, a resource type can be configured with the ArgumentsExpression attribute to explicit the arguments of provisioning orders, based on conditions and variables. See the [InternalWorkflow](/docs/identitymanager/6.2/integration-guide/connectors/references-connectors/internalworkflow/index.md), -[ Compute a Resource Type's Provisioning Arguments ](/docs/identitymanager/6.2/integration-guide/provisioning/argumentsexpression/index.md), +[Compute a Resource Type's Provisioning Arguments](/docs/identitymanager/6.2/integration-guide/provisioning/argumentsexpression/index.md), and [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) topics for additional information. The following example computes the identifier of the workflow to launch, based on the provisioning @@ -119,8 +119,11 @@ provisioning to ServiceNow. Then it requires the random identifier computed by S In this case, we want to configure the AD_Entry_AdministrationUser resource type so that a user cannot own an AD administrator account when they do not have an identifier in ServiceNow. -**NOTE:** The DependsOnOwnerProperty of a resource type should only refer to scalar values that are +:::note +The DependsOnOwnerProperty of a resource type should only refer to scalar values that are part of the properties of the SourceEntityType. +::: + The following example is meant to perform an automatic check to prevent the execution of any provisioning order for the creation of an AD administrator account when the user does not have an @@ -176,15 +179,21 @@ source data is changed, the scalar rule computes a new value for sn. There are t ![Example - State 3](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/discardmanualassignments_state3_v602.webp) - **NOTE:** No change in the source data can affect the property's value. However, any manual + :::note + No change in the source data can affect the property's value. However, any manual change made in the managed system will trigger a non-conforming assignment. Then, reconciling the property by choosing to keep Identity Manager's suggested value will make the property's value go back to Calculated and thus follow the changes in the source data. + ::: + - **NOTE:** If DiscardManualAssignments is changed from False to True, then the state of the + :::note + If DiscardManualAssignments is changed from False to True, then the state of the property's value does not matter. Identity Manager applies the rules of the role model, and generates a provisioning order to overwrite the manual change White with the newly computed value Black. + ::: + ![Example - State 4](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/discardmanualassignments_state4_v602.webp) @@ -280,10 +289,10 @@ resource type has previously been correlated to the owner or not. | MaximumInsertPercent default value: 30 | Int32 | Inserted lines threshold in percent. | | MaximumUpdate default value: 0 | Int32 | Updated lines threshold. Sets the maximum number of resources that can be modified within the resource type when running the provisioning job. | | MaximumUpdatePercent default value: 30 | Int32 | Updated lines threshold in percent. | -| P0 default value: false | Boolean | True to indicate that the resource type is parametrized, i.e. there is at least one type rule configured to assign the resource type based on the dimension 0 (up to 3V following the base32hex convention). See the [ Base32 Parameter Names ](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | +| P0 default value: false | Boolean | True to indicate that the resource type is parametrized, i.e. there is at least one type rule configured to assign the resource type based on the dimension 0 (up to 3V following the base32hex convention). See the [Base32 Parameter Names](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | | Policy required | Int64 | Identifier of the policy that the resource type is part of. | | ProlongationWithoutApproval default value: 0 | ProlongationWithoutApproval | Indicates whether the resource type can be extended without any validation. 0 - Inherited: gets the value from the policy. 1 - Enabled. 2 - Disabled. | -| R0 default value: false | Boolean | True to set the dimension 0 (up to 3V following the base32hex convention) as a required parameter when assigning the resource type. See the [ Base32 Parameter Names ](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | +| R0 default value: false | Boolean | True to set the dimension 0 (up to 3V following the base32hex convention) as a required parameter when assigning the resource type. See the [Base32 Parameter Names](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | | RemoveOrphans default value: false | Boolean | True to authorize the deprovisioning of this resource when it does not have an owner. Can only be true when AllowRemove property is also true. | | SourceEntityType required | Int64 | Identifier of the source entity type. | | SuggestAllCorrelations optionalAttribute | Boolean | Allows correlation suggestions for rules with a confidence rate below 100, even if other correlations with a confidence rate above 100 have been found. | @@ -314,7 +323,7 @@ script in the command line. | Binding optional | Int64 | Defines the binding expression to get the file property. | | Policy required | Int64 | Identifier of the policy that the rule is part of. | | Property required | Int64 | Identifier of the property used to represent the file on the target EntityType. | -| SingleRole optional | Int64 | Identifier of the single role. The single role must be assigned to the owner so that the file can be provisioned on the resource. See the [ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. | +| SingleRole optional | Int64 | Identifier of the single role. The single role must be assigned to the owner so that the file can be provisioned on the resource. See the [Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. | | TimeOffsetAfterReference default value: 0 | Int32 | Defines the offset after reference (in minutes). | | TimeOffsetBeforeReference default value: 0 | Int32 | Defines the offset before reference (in minutes). | | TimeOffsetReference default value: 0 | TimeOffsetReference | Offset mode defining which dates to use as references, in order to apply the time offset. The time period for which the rule is applied is adjusted accordingly. 0 - Default: the offset inherited from the type rule. 1 - Around: the offset before reference is applied from the start date of the resource, and the offset after reference is applied from the end date. 2 - Before: the offset before and after reference are both applied from the start date of the resource. 3 - After: the offset before and after reference are both applied from the end date of the resource. **NOTE:** in a situation with several binary rules, the order of application is: After, then Before, then Around, then Default. Each rule is able to overwrite those previously applied in case they overlap. _Remember,_ two offsets of the same mode should never overlap. Resources' start and end dates can be configured through record sections and/or context rules. | @@ -329,16 +338,19 @@ resources regardless of the attributes of source resources. A navigation rule is defined by the child element `` of the `` element. -**NOTE:** Both navigation and query rules compute navigation properties. The value of one navigation +:::note +Both navigation and query rules compute navigation properties. The value of one navigation property should be computed by either navigation or query rules, not both. +::: + See the -[ Compute a Navigation Property ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) +[Compute a Navigation Property](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) topic for additional information. ### Examples -Computation based on other properties +**Computation based on other properties** The following example declares a new rule to give the SG_APP_SharePoint_HR_Owner group to all users who had the SharePoint_HR_Owner role. @@ -363,7 +375,7 @@ script in the command line. ``` -Parametrized roles +**Parametrized roles** The role catalog can be optimized by reducing the number of roles, by configuring parametrized roles. See the @@ -377,8 +389,8 @@ Supposing that the 10th dimension (dimension A following the base32hex conventio time slots, the following example creates a single role Access/A_Brune_HR for all time slots. Each time-slot-related entitlement will be assigned to users by configuring one navigation rule per entitlement, using the dimension as a required parameter. See the -[ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and -[ Base32 Parameter Names ](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)topics for additional information. +[Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and +[Base32 Parameter Names](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)topics for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -417,12 +429,12 @@ Both navigation and query rules compute navigation properties. The value of one should be computed by either navigation or query rules, not both. See the -[ Compute a Navigation Property ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) +[Compute a Navigation Property](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) topic for additional information. ### Examples -Computation based on other properties +**Computation based on other properties** The following example declares a new rule to compute the parent distinguished name for guest users. Here we do not use source properties, but a literal expression for all guest users. @@ -465,7 +477,7 @@ topic for additional information. ### Examples -Computation based on other properties +**Computation based on other properties** The following example shows two scalar rules. The first one computes users' emails based on AD values. The other one contains a C# expression to compute AccountExpires. @@ -492,7 +504,7 @@ script in the command line. ``` -Computation via a literal expression +**Computation via a literal expression** The following example translates to "the userAccountControl property of a App1_Account of resource type App1_Standard_Account must be equal to 66048. It uses a literal expression. See the @@ -507,11 +519,11 @@ script in the command line. ``` -Binding +**Binding** The Binding attribute complies with the binding expression syntax or the calculation expression syntax. So, it can use the C# language to specify a more complex binding. See the -[ Bindings ](/docs/identitymanager/6.2/integration-guide/toolkit/bindings/index.md) and [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) topics for +[Bindings](/docs/identitymanager/6.2/integration-guide/toolkit/bindings/index.md) and [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md) topics for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -521,7 +533,7 @@ script in the command line. ``` -IsMapped +**IsMapped** Consider a system that we want to connect to Identity Manager, let's call it SYST, using a title property. Consider also that SYST needs to be provisioned with the value of title, but does not @@ -530,7 +542,7 @@ allow any other system to retrieve the said value. In this case, we set `IsMapped` to false so that Identity Manager sends the adequate provisioning order when needed, and then is able to change the provisioning state to **Executed** without synchronization. See the [Provision](/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md) -[ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topic for additional +[Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topic for additional information. The following example computes users' title in a given managed system, based on Identity Manager's @@ -543,13 +555,13 @@ script in the command line. ``` -TimeOffset +**TimeOffset** A scalar rule is applied according to reference start and end dates (configured through record sections and context rules), usually users' arrival and departure days. It means that, for a user matching the rule's criteria, a property is to be computed, by default, from the user's arrival day -until their departure day. See the [ Record Section ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) and -[ Context Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) topics for additional information. +until their departure day. See the [Record Section](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) and +[Context Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) topics for additional information. ![Schema - Default Application Period](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/datamodel_scalarrule_timeoffsetdefault.webp) @@ -606,12 +618,15 @@ resources are to be provisioned, i.e. written to the managed system. A resource type rule is defined by the child element `` of the `` element. -**NOTE:** The specification of several resource type rules for one resource type implies the union +:::note +The specification of several resource type rules for one resource type implies the union of all rules, i.e. the combination of all rules (and all sets of criteria) with an OR operator. +::: + ### Examples -With a dimension criterion +**With a dimension criterion** The following rule will assign an App1_Standard_Account resource (resource of type App1_Account) to any User whose organization dimension (dimension binded to column 0) identifier is Marketing. @@ -626,7 +641,7 @@ script in the command line. ``` -With a single role criterion +**With a single role criterion** In addition to dimensions, a single role can be used as a criterion for a rule. @@ -643,7 +658,7 @@ script in the command line. ``` -Without any criterion +**Without any criterion** Di and SingleRole conditions are not mandatory. A type rule with no condition entails the creation of an AssignedResourceType, and hence of a target resource (from the target entity type), for every diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md index c87b1a777d..102cd9317e 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md @@ -40,8 +40,8 @@ roles. This optimization will simplify the functional understanding of the role catalog, and speed up Identity Manager's calculations. -Supposing that the 10th [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) (dimension A following the -[ Base32 Parameter Names ](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)) is created for time slots, the +Supposing that the 10th [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) (dimension A following the +[Base32 Parameter Names](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)) is created for time slots, the following example creates a single role `Access/A_Brune_HR` for all time slots. Each time-slot-related entitlement will be assigned to users by configuring one navigation rule per entitlement, using the dimension as a required parameter. @@ -71,7 +71,7 @@ script in the command line. | CommentActivationOnDeclineInReview default value: Inherited | CommentActivationWithInherited | Indicates if a comment is enabled when reviewing a request of the role and deciding to refuse it. `0` - Disabled. `1` - Optional. `2` - Required. `3` - Inherited: comment activation in the associated policy. | | CommentActivationOnDeleteGapInReconciliation default value: Inherited | CommentActivationWithInherited | Indicates if a comment is enabled when reviewing a non-conforming assignment of the role and deciding to delete it. `0` - Disabled. `1` - Optional. `2` - Required. `3` - Inherited: comment activation in the associated policy. | | CommentActivationOnKeepGapInReconciliation default value: Inherited | CommentActivationWithInherited | Indicates if a comment is enabled when reviewing a non-conforming assignment of the role and deciding to keep it. `0` - Disabled. `1` - Optional. `2` - Required. `3` - Inherited: comment activation in the associated policy. | -| D0 optional | Int64 | Value that will be set for the dimension 0 (up to 3V following the [ Base32 Parameter Names ](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)) for all users with the role. | +| D0 optional | Int64 | Value that will be set for the dimension 0 (up to 3V following the [Base32 Parameter Names](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)) for all users with the role. | | Description_L1 optional | String | Detailed description of the single role in language 1 (up to 16). | | DisplayName_L1 required | String | Display name of the single role in language 1 (up to 16). | | EntityType required | Int64 | Identifier of the entity type whose resources can receive the single role. | @@ -83,6 +83,6 @@ script in the command line. | MaxDuration optional | Int32 | Duration (in minutes) after which the role will be automatically revoked, if no earlier end date is specified. It impacts only the roles which are manually assigned after the maximum duration is set. Pre-assigned roles are not impacted. If no duration is set on the role, the `MaxDuration` of the associated policy is applied. If the `MaxDuration` is set to 0 on the role, it prevents the associated policy from applying its `MaxDuration` to it. | | Policy required | Int64 | Identifier of the policy in which the role exists. | | ProlongationWithoutApproval default value: 0 | ProlongationWithoutApproval | Indicates whether the role can be extended without any validation. `0` - Inherited: gets the value from the policy. `1` - Enabled. `2` - Disabled. | -| R0 default value: false | Boolean | `true` to set the dimension 0 (up to 3V following the [ Base32 Parameter Names ](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)) as a required parameter when assigning the role. | +| R0 default value: false | Boolean | `true` to set the dimension 0 (up to 3V following the [Base32 Parameter Names](/docs/identitymanager/6.2/integration-guide/toolkit/parameter-names/index.md)) as a required parameter when assigning the role. | | State default value: Manual | RoleState | Mark that differentiates the roles analyzed in the role mining process. `0` - Manual: the role was created manually. `1` - Generated: the role was generated by a role mapping rule. | | Tags optional | String | Label(s) that can later be used to filter the target roles of access certification campaigns. The tag separator is ¤. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md index 05b14945db..ffb1f86404 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md @@ -26,7 +26,7 @@ script in the command line. | Property | Type | Description | | ----------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| CompositeRole optional | Int64 | Identifier of a [ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) that users must have to trigger the rule. | +| CompositeRole optional | Int64 | Identifier of a [Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) that users must have to trigger the rule. | | D0 optional | Int64 | Value to match for the dimension `D0` (up to `D127`) to trigger the rule. For example, considering that `D0` corresponds to users' countries, then set `D0` to `France` to assign the single role to users whose country is `France`. | | IsDenied default value: false | Boolean | `true` to forbid the assignment instead of applying it. | | L0 default value: false | Boolean | `true` to activate inheritance for `D0` (up to 127). | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/index.md index e7ffdf7fad..c3c4e26f5a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/index.md @@ -6,4 +6,4 @@ sidebar_position: 90 # Reporting -- [ Report Query ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md) +- [Report Query](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md index 9fd86cf925..99bba3c68c 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md @@ -8,7 +8,7 @@ sidebar_position: 10 Allows the user to define queries to generate a report in a CSV file. When creating a new ReportQuery it is recommended to also create the linked -[ Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md). +[Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md). ## Examples diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/index.md index d804e45b3a..b13d72009b 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/index.md @@ -6,4 +6,4 @@ sidebar_position: 100 # Resources -- [ Resource ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/resource/index.md) +- [Resource](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/resources/resource/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displayentitytype/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displayentitytype/index.md index d4e4daaebd..5aea11fcd6 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displayentitytype/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displayentitytype/index.md @@ -46,7 +46,7 @@ Entity Types for which a priority isn't set by a `` configura assigned an equally less important priority than the least important priority set by a `` element. -Example +**Example** This example shows how to define priorities between the main Entity Types of the organizational model. The highest priority is assigned to `Directory_User` and the lowest priority to @@ -73,7 +73,7 @@ To configure the priority order for elements in the dropdown in these screens, t remember to take the workflow-entity types in the ` +**** Knowing that we have the following properties: ... diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displaytable/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displaytable/index.md index 217bbb5cf8..43bfabb37b 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displaytable/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displaytable/index.md @@ -15,7 +15,7 @@ additional information. Below there are a few examples of display tables. -DisplayTableDesignElement table +**DisplayTableDesignElement table** The following example displays sites as a table. @@ -28,7 +28,7 @@ script in the command line. ![Example - DisplayTableDesignElement Set to Table](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaytable/displaytabledesignelement_table_v602.webp) -DisplayTableDesignElement list +**DisplayTableDesignElement list** The following example displays users as a list. @@ -41,10 +41,13 @@ script in the command line. ![Example - DisplayTableDesignElement Set to List](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaytable/displaytabledesignelement_list_v602.webp) -_Remember,_ for resources to be displayed as a list, the display table must also be configured with +:::tip +Remember, for resources to be displayed as a list, the display table must also be configured with tiles. +::: -DisplayTableDesignElement resourcetable + +**DisplayTableDesignElement resourcetable** The following example displays AD entries as a table, with an "Owner/Type" column. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md index b1408c9c81..bb5a01656a 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md @@ -30,13 +30,13 @@ script in the command line. The display settings allow you to adjust the display. -Hide the "Access Permissions" tab +**Hide the "Access Permissions" tab** When `HideRoles` is set to `true`, then the **Access Permissions** tab is not accessible. ![Access Permissions](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/form_hideroles_v603.webp) -Adjust the request type +**Adjust the request type** When `WorkflowRequestType` is set to `Self`, then the finalization step looks like: @@ -46,11 +46,11 @@ When `WorkflowRequestType` is set to `Helpdesk`, then the finalization step look ![WorkflowRequestType = Helpdesk](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/form_requesttypehelpdesk_v603.webp) -Display records in a table +**Display records in a table** ![RecordTable Example](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/form_recordtable_v603.webp) -InputType display +**InputType display** The InputType represents the type of research property, attribute which supports only a predefined set of values listed below: diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/index.md index a9987e251f..2f6518e3f6 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/index.md @@ -6,12 +6,12 @@ sidebar_position: 40 # User Interface -- [ Display Entity Association ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displayentityassociation/index.md) +- [Display Entity Association](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displayentityassociation/index.md) - [Display Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displayentitytype/index.md) -- [ Display Property Group ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displaypropertygroup/index.md) +- [Display Property Group](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displaypropertygroup/index.md) - [Display Table](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/displaytable/index.md) - [Form](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md) -- [ Indicator ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md) -- [ Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) +- [Indicator](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md) +- [Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) - [Search Bar](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/searchbar/index.md) -- [ Tile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) +- [Tile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md index bab83b409e..0f2e21efd7 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md @@ -15,7 +15,7 @@ _Item Value_ according to the _Comparison operator_, as can be seen on the examp The banner is displayed wherever the associated resource appears. For example, if we create an indicator pointing out the risk score of a user, the banner will show -on the left-side of the user [ Tile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) and the user [Form](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md). If we +on the left-side of the user [Tile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) and the user [Form](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md). If we create an indicator pointing out whether an AD account is unused or disabled, the banner will show on the left-side of the AD Entries tile and form. diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md index e81ca0c762..c701de994b 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md @@ -89,7 +89,7 @@ The unicity check rules linked to a same aspect are combined with the AND operat the aspect's iteration goes up when at least one of the rules detects non-unicity. When creating or updating a unicity check rule, launch the -[ Compute Correlation Keys Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) +[Compute Correlation Keys Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) before applying the role model and launching workflows. **For information:** Identity Manager needs to store the correlation keys linked to the expressions @@ -115,7 +115,7 @@ We want to check the unicity of the new user's login, compared with the logins o ``` - +**** ``` @@ -172,7 +172,7 @@ not add the domain part, and the target expression removes the domain part from ``` - +**** ``` In this example the homonym is linked to a control [Form](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md) and it -will be applied for the [ Binding ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) included in the Control where +will be applied for the [Binding](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) included in the Control where the homonym is located. Read more about how to configure -[ Workflow Homonym ](/docs/identitymanager/6.2/integration-guide/workflows/workflowhomonym/index.md). +[Workflow Homonym](/docs/identitymanager/6.2/integration-guide/workflows/workflowhomonym/index.md). ``` @@ -31,7 +31,7 @@ the homonym is located. Read more about how to configure | Property | Details | | ----------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| FormEntityType required | **Type** Int64 **Description** In a [Form](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md), an [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) is defined and the [ Binding ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) of this Form will be loaded from this EntityType. The FormEntityType property represents this EntityType. | +| FormEntityType required | **Type** Int64 **Description** In a [Form](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md), an [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) is defined and the [Binding](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) of this Form will be loaded from this EntityType. The FormEntityType property represents this EntityType. | | Identifier required | **Type** String **Description** Unique identifier of the HomonymEntityLink. | ## Child Element: Filter @@ -43,6 +43,6 @@ Defines combination of property comparison to use to find homonyms. | Property | Details | | ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | ComparisonProperty1 optional | **Type** Int64 **Description** Defines the property used to compare with the form control `Property`. It should not be defined if it the same as the property in the attribute `Property`. Going from 1 to 5. | -| Expression1 optional | **Type** String **Description** Defines the C# expression to apply on the homonymy form controls. The result of the expression evaluation will be compared with the corresponding `ComparisonProperty` using the defined `Operator`. If the `ComparisonProperty` is a computed property, no need to define the expression if it is the same as the one for the computed property. It will be automatically used when finding homonyms. Going from 1 to 5. See the [ C# utility functions ](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/csharp-utility-functions/index.md) topic for additional information. | +| Expression1 optional | **Type** String **Description** Defines the C# expression to apply on the homonymy form controls. The result of the expression evaluation will be compared with the corresponding `ComparisonProperty` using the defined `Operator`. If the `ComparisonProperty` is a computed property, no need to define the expression if it is the same as the one for the computed property. It will be automatically used when finding homonyms. Going from 1 to 5. See the [C# utility functions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/csharp-utility-functions/index.md) topic for additional information. | | Operator1 default value: 2 | **Type** QueryComparisonOperator **Description** Defines the operator to use to compare between the `ComparisonProperty` and the `Property` or the `Expression` evaluation result. By default the `Equal` operator is used. Going from 1 to 5. All possible values: `0` - Auto: The `Operator` is calculated by the engine according to the type of element. `1` - NotEqual: finds the elements that are not equal to the desired value. `2` - Equal: finds the elements that are strictly equal to the desired value. `3` - Contain: finds the elements that contain the desired value. `4` - StartWith: finds the elements that start with the desired value. `5` - EndWith: finds the elements that end with the desired value. `6` - NotContain: finds the elements that do not contain the desired value. `7` - NotStartWith: finds the elements that do not start with the desired value. `8` - NotEndWith: finds the elements that do not end with the desired value. `9` - GreaterThan: finds the elements that are greater than the desired value. `10` - LessThan: finds the elements that are less than the desired value. `11` - GreaterThanOrEqual: finds the elements that are greater than or equal to the desired value. `12` - LessThanOrEqual: finds the elements that are less than or equal to the desired value. `*`- Flexible: The `Flexible` operators transform the desired value according to the `FlexibleComparisonExpression` defined in the `EntityProperty` then search. The flexible operators are: `13` - FlexibleEqual `14` - FlexibleContain `15` - FlexibleStartWith `16` - FlexibleEndWith | | Property1 optional | **Type** Int64 **Description** Defines the form control property to use to compare with `ComparisonOperator` using the defined `Operator`. Going from 1 to 5. | diff --git a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/index.md b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/index.md index 1eeb54a3da..9088bd4638 100644 --- a/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/index.md +++ b/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/index.md @@ -8,5 +8,5 @@ sidebar_position: 130 - [Aspects](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/aspects/index.md) - [Forms](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/forms/index.md) -- [ Homonym Entity Link ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md) -- [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) +- [Homonym Entity Link](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md) +- [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) diff --git a/docs/identitymanager/6.2/integration-guide/ui/custom-display-table/index.md b/docs/identitymanager/6.2/integration-guide/ui/custom-display-table/index.md index 3d52c0bd1b..6d2618cff4 100644 --- a/docs/identitymanager/6.2/integration-guide/ui/custom-display-table/index.md +++ b/docs/identitymanager/6.2/integration-guide/ui/custom-display-table/index.md @@ -54,10 +54,13 @@ interface. It is therefore necessary to create the different tiles first. After they must be imported into the display table with `` set to ``. Display tables with other values of `` cannot display tiles. -See the[ Tile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) topic for +See the[Tile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) topic for additional information. -_Remember,_ if the display table uses tiles, then you can't use bindings. +:::tip +Remember, if the display table uses tiles, then you can't use bindings. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. diff --git a/docs/identitymanager/6.2/integration-guide/ui/custom-forms/index.md b/docs/identitymanager/6.2/integration-guide/ui/custom-forms/index.md index a7ce4fd997..62e83a9e83 100644 --- a/docs/identitymanager/6.2/integration-guide/ui/custom-forms/index.md +++ b/docs/identitymanager/6.2/integration-guide/ui/custom-forms/index.md @@ -17,9 +17,9 @@ information. Two scaffoldings generate the view, the display table and the rights to access the entity's resources. -- [ View Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md): +- [View Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md): Creates the display table, the default view and access rights to the entity. -- [ View Template Adaptable ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md): +- [View Template Adaptable](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md): Creates the entity view (designElement = ResourceTable), the report and the rights for a given profile. @@ -36,8 +36,8 @@ interface. The following elements must be in place: -- [ Create Menu Items ](/docs/identitymanager/6.2/integration-guide/ui/create-menu-items/index.md) -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [Create Menu Items](/docs/identitymanager/6.2/integration-guide/ui/create-menu-items/index.md) +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) To create the view, you can manipulate one or more forms. The example below shows how to create a view from several different forms. This will allow you to reuse some forms in workflows. @@ -67,8 +67,8 @@ The view form doesn't give access to the view in the interface or the rights to The following elements must be in place: -- [ Create Menu Items ](/docs/identitymanager/6.2/integration-guide/ui/create-menu-items/index.md) -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [Create Menu Items](/docs/identitymanager/6.2/integration-guide/ui/create-menu-items/index.md) +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) In the example below, the view form will display all records. To change the filter on the record display, you must change the diff --git a/docs/identitymanager/6.2/integration-guide/ui/custom-search-bar/index.md b/docs/identitymanager/6.2/integration-guide/ui/custom-search-bar/index.md index 02192a7813..ad6f22185d 100644 --- a/docs/identitymanager/6.2/integration-guide/ui/custom-search-bar/index.md +++ b/docs/identitymanager/6.2/integration-guide/ui/custom-search-bar/index.md @@ -40,7 +40,7 @@ To add a default filter, you must add both of the following properties to a crit ``` - +**** ``` @@ -53,4 +53,4 @@ Here is the visualization of this criterion on the interface: Each menu item is a link to an entity's workflow displayed under the search bar on the visualization page of the entity's resource list. -See the [ Create Menu Items ](/docs/identitymanager/6.2/integration-guide/ui/create-menu-items/index.md)topic for additional information +**See the [Create Menu Items](/docs/identitymanager/6.2/integration-guide/ui/create-menu-items/index.md)topic for additional information** diff --git a/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-display-table/index.md b/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-display-table/index.md index 378e674731..0e8e90adaa 100644 --- a/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-display-table/index.md +++ b/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-display-table/index.md @@ -48,10 +48,13 @@ interface. It is therefore necessary to create the different tiles first. After they must be imported into the display table with `DisplayTableDesignElement` set to `list`. Display tables with other values of `DisplayTableDesignElement` cannot display tiles. -See the[ Tile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) topic for +See the[Tile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) topic for additional information. -_Remember,_ if the display table uses tiles, then you can't use bindings. +:::tip +Remember, if the display table uses tiles, then you can't use bindings. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. diff --git a/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-forms/index.md b/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-forms/index.md index 1d293c43f6..9edbb37576 100644 --- a/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-forms/index.md +++ b/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-forms/index.md @@ -11,9 +11,9 @@ information. Two scaffoldings generate the view, the display table and the rights to access the entity's resources. -- [ View Template ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md): +- [View Template](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md): Creates the display table, the default view and access rights to the entity. -- [ View Template Adaptable ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md): +- [View Template Adaptable](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md): Creates the entity view (designElement = ResourceTable), the report and the rights for a given profile. @@ -30,8 +30,8 @@ interface. The following elements must be in place: -- [ Create Menu Items ](/docs/identitymanager/6.2/integration-guide/ui/how-tos/create-menu-items/index.md) -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [Create Menu Items](/docs/identitymanager/6.2/integration-guide/ui/how-tos/create-menu-items/index.md) +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) To create the view, you can manipulate one or more forms. The example below shows how to create a view from several different forms. This will allow you to reuse some forms in workflows. @@ -61,8 +61,8 @@ The view form doesn't give access to the view in the interface or the rights to The following elements must be in place: -- [ Create Menu Items ](/docs/identitymanager/6.2/integration-guide/ui/how-tos/create-menu-items/index.md) -- [ View Access Control Rules ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [Create Menu Items](/docs/identitymanager/6.2/integration-guide/ui/how-tos/create-menu-items/index.md) +- [View Access Control Rules](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) In the example below, the view form will display all records. To change the filter on the record display, you must change the diff --git a/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-search-bar/index.md b/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-search-bar/index.md index c86e553bb1..dacceebdaa 100644 --- a/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-search-bar/index.md +++ b/docs/identitymanager/6.2/integration-guide/ui/how-tos/custom-search-bar/index.md @@ -35,7 +35,7 @@ To add a default filter, you must add both of the following properties to a ``` - +**** ``` @@ -48,4 +48,4 @@ Here is the visualization of this criterion on the interface: Each menu item is a link to an entity's workflow displayed under the search bar on the visualization page of the entity's resource list. -See the [ Create Menu Items ](/docs/identitymanager/6.2/integration-guide/ui/how-tos/create-menu-items/index.md)topic for additional information +**See the [Create Menu Items](/docs/identitymanager/6.2/integration-guide/ui/how-tos/create-menu-items/index.md)topic for additional information** diff --git a/docs/identitymanager/6.2/integration-guide/ui/how-tos/producttranslations/index.md b/docs/identitymanager/6.2/integration-guide/ui/how-tos/producttranslations/index.md index 65f186a019..c4ede58762 100644 --- a/docs/identitymanager/6.2/integration-guide/ui/how-tos/producttranslations/index.md +++ b/docs/identitymanager/6.2/integration-guide/ui/how-tos/producttranslations/index.md @@ -10,7 +10,7 @@ The translations are given to Identity Manager in a JSON file, through the confi tool. This section first explains how to write the JSON file, then how to use it with the deployment tool. -JSON translation file format +**JSON translation file format** Example with the translation keys`accessCertificationReview.recommendation.manuallyAuthorized`, `app.common.button.create.label` and `app.common.labels.whenCreated`: @@ -30,7 +30,7 @@ The JSON file must only contain string properties: no object, array or number. The properties' name must match the wanted translation keys. -Find the translation keys +**Find the translation keys** A translation key is an identifier for a given translation: Identity Manager uses those keys to find the translation it needs in the interface. diff --git a/docs/identitymanager/6.2/integration-guide/ui/producttranslations/index.md b/docs/identitymanager/6.2/integration-guide/ui/producttranslations/index.md index 3e50473927..b5dad8fca2 100644 --- a/docs/identitymanager/6.2/integration-guide/ui/producttranslations/index.md +++ b/docs/identitymanager/6.2/integration-guide/ui/producttranslations/index.md @@ -16,7 +16,7 @@ The translations are given to Identity Manager in a JSON file, through the confi tool. This section first explains how to write the JSON file, then how to use it with the deployment tool. -JSON translation file format +**JSON translation file format** Example with the translation keys`accessCertificationReview.recommendation.manuallyAuthorized`, `app.common.button.create.label` and `app.common.labels.whenCreated`: @@ -36,7 +36,7 @@ The JSON file must only contain string properties: no object, array or number. The properties' name must match the wanted translation keys. -Find the translation keys +**Find the translation keys** A translation key is an identifier for a given translation: Identity Manager uses those keys to find the translation it needs in the interface. diff --git a/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md b/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md index aece63cb3d..e9d25b79bf 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md @@ -7,7 +7,7 @@ sidebar_position: 10 # Activity Templates This section describes the activities that constitute and model a -[ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md). Each activity is assigned +[Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md). Each activity is assigned a template, made of states and transitions. ## Overview diff --git a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/configure-homonym-test/index.md b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/configure-homonym-test/index.md index 01d879f431..6d5a32cf2a 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/configure-homonym-test/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/configure-homonym-test/index.md @@ -34,7 +34,7 @@ information. ### With customized filters -[ Homonym Entity Link ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md)filters +[Homonym Entity Link](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md)filters allow to define customized filters for a homonym search. #### Simple filter diff --git a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/index.md b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/index.md index 710ffd4a70..5d5d4b8a0f 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/index.md @@ -7,12 +7,12 @@ sidebar_position: 20 # How To Create a Workflow This guide shows how to create a -[ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) through the XML +[Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) through the XML configuration. ## Process -1. Declare a new [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) with +1. Declare a new [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) with given activities following Identity Manager's activity templates. 2. Configure the input [Form](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/form/index.md) with the right output type according to the purpose of the workflow. diff --git a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-create-mono/index.md b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-create-mono/index.md index 1cc344108a..e546bfd407 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-create-mono/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-create-mono/index.md @@ -7,12 +7,12 @@ sidebar_position: 10 # For Resource Creation (Mono Record) This section guides you through the procedure for the creation of a -[ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) to create a new +[Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) to create a new resource with a unique record. ## Declare a Workflow -This [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of four +This [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of four activities: 1. `Action With Refine`: sends the creation request with a possibility of delegation. @@ -22,7 +22,7 @@ activities: from another user. 4. `Persist`: saves the collected data and triggers provisioning. -See the [ Activity Templates ](/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md) topic for additional information. +See the [Activity Templates](/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md) topic for additional information. The example below creates a workflow to create a new worker. @@ -91,7 +91,7 @@ A `WorkflowCreateRecordEntityForm` requires the following child elements: The `MainControl` attribute is here an empty container because we configure all personal data, contracts and positions as records to be able to anticipate changes for example. The line with the empty `MainControl` is not mandatory. See the -[ Position Change via Records ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md)topic +[Position Change via Records](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md)topic for additional information. - `RecordControl` that defines record data, and calls the form created previously. See the For @@ -135,7 +135,7 @@ for the whole creation request and review from the previously created workflow: ``` - +**** Permissions for the Request activity: @@ -147,7 +147,7 @@ for the whole creation request and review from the previously created workflow: ## Create Menu Items in the UI -[ Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md)must be defined to +[Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md)must be defined to make the workflow accessible in the UI. Creating a new resource, an interesting location for this workflow could be the users list page. diff --git a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-create-multi/index.md b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-create-multi/index.md index 6a18c5ae87..7680347b16 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-create-multi/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-create-multi/index.md @@ -11,7 +11,7 @@ resource with several records. ## Declare a Workflow -This [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of four +This [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of four activities: 1. `Action With Refine`: sends the creation request with a possibility of delegation. @@ -21,7 +21,7 @@ activities: from another user. 4. `Persist`: saves the collected data and triggers provisioning. -See the [ Activity Templates ](/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md) topic for additional information. +See the [Activity Templates](/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md) topic for additional information. The example below creates a workflow to create a new helpdesk worker, with the possibility to create several records at once for said worker. @@ -103,7 +103,7 @@ would be part of the form called by `RecordUniqueItemControl` instead of `Record In a situation where positions, contracts and personal data are all configured as records because we want to be able to anticipate changes for example, then there would not be any data shared by all records. Then `RecordControl` would be empty. See the -[ Position Change via Records ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) +[Position Change via Records](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. > ``` @@ -131,7 +131,7 @@ topic for additional information. ## Assign the Right Permissions Some profiles must get specific permissions so that the workflow is visible and usable by the right -users. Read about [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s +users. Read about [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s permissions. Below is an example of an access control rule where the `Administrator` profile gets the permissions @@ -139,7 +139,7 @@ for the whole creation request and review from the previously created workflow: ``` - +**** Permissions for the Request activity: @@ -151,7 +151,7 @@ for the whole creation request and review from the previously created workflow: ## Create Menu Items in the UI -[ Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined +[Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined to make the workflow accessible in the UI. Creating a new resource, an interesting location for this workflow could be the users list page. diff --git a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-mono/index.md b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-mono/index.md index 15d6721dd0..500bb1c1e0 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-mono/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-mono/index.md @@ -11,14 +11,14 @@ replacement of the unique record of an existing resource with a new one. ## Declare a Workflow -This [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of two +This [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of two activities: 1. `Action With Refine`: sends the resource's record update request with a possibility of delegation. 2. `Persist`: saves the collected data and triggers provisioning. -See the [ Activity Templates ](/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md) topic for additional information. +See the [Activity Templates](/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md) topic for additional information. The example below creates a workflow to update only the user's name. @@ -89,7 +89,7 @@ not involved in the changes of this workflow. ## Assign the Right Permissions Some profiles must get specific permissions so that the workflow is visible and usable by the right -users. Read about [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s +users. Read about [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s permissions. Below is an example of an access control rule where the `Administrator` profile gets the permissions @@ -103,7 +103,7 @@ for the whole update request from the previously created workflow: ## Create Menu Items in the UI -[ Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined +[Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined to make the workflow accessible in the UI. Updating an existing resource, this workflow manages one given resource at a time. Hence an diff --git a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-multi/index.md b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-multi/index.md index eb3553903b..be18865c1d 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-multi/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-multi/index.md @@ -11,7 +11,7 @@ resource through its several records. ## Declare a Workflow -This [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of three +This [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of three activities: 1. `Action With Refine`: sends the resource's records update request with a possibility of @@ -20,7 +20,7 @@ activities: another user. 3. `Persist`: saves the collected data and triggers provisioning. -See the [ Activity Templates ](/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md) topic for additional information. +See the [Activity Templates](/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md) topic for additional information. The example below creates a workflow to update the records of an existing user: @@ -134,7 +134,7 @@ copies part of the main record to pre-fill the fields of `RecordUniqueControl`. ## Assign the Right Permissions Some profiles must get specific permissions so that the workflow is visible and usable by the right -users. Read about [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s +users. Read about [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s permissions. Below is an example of an access control rule where the `Administrator` profile gets the permissions @@ -148,7 +148,7 @@ for the whole update request from the previously created workflow: ## Create Menu Items in the UI -[ Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined +[Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined to make the workflow accessible in the UI. Updating an existing resource, this workflow manages one given resource at a time. Hence an @@ -174,7 +174,7 @@ For each workflow, it is possible to add aspects according to the workflow's pur ## Homonym Detection (Optional) To perform a homonymy check on a workflow and thus prevent user duplicates,see the -[ Configure a Homonym Detection ](/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/configure-homonym-test/index.md) topic for additional information. +[Configure a Homonym Detection](/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/configure-homonym-test/index.md) topic for additional information. When using records, the homonym detection displays the list of records and not just the list of users. diff --git a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-resource/index.md b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-resource/index.md index 54882c8ebd..04fe0d2017 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-resource/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/create-workflow/workflow-update-resource/index.md @@ -11,13 +11,13 @@ resource, i.e. to update, within a given resource, properties that do not involv ## Declare a Workflow -This [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of two +This [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of two activities: 1. `Action With Refine`: sends the resource's update request with a possibility of delegation. 2. `Persist`: saves the collected data and triggers provisioning. -See the [ Activity Templates ](/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md) topic for additional information. +See the [Activity Templates](/docs/identitymanager/6.2/integration-guide/workflows/activity-templates/index.md) topic for additional information. The example below creates a workflow to update only the user's `IsDraft` attribute. @@ -88,7 +88,7 @@ displays the `IsDraft` attribute that the user just changed: ## Assign the Right Permissions Some profiles must get specific permissions so that the workflow is visible and usable by the right -users. Read about the [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) +users. Read about the [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) permissions. Below is an example of an access control rule where the `Administrator` profile gets the permissions @@ -102,7 +102,7 @@ for the whole update request from the previously created workflow: ## Create Menu Items in the UI -[ Menu Item ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined +[Menu Item](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined to make the workflow accessible in the UI. Updating an existing resource, this workflow manages one given resource at a time. Hence an diff --git a/docs/identitymanager/6.2/integration-guide/workflows/index.md b/docs/identitymanager/6.2/integration-guide/workflows/index.md index 778f62fb97..7b88caa994 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/index.md @@ -40,7 +40,7 @@ A workflow is made of several elements: ### Technical principles - A workflow is linked to - one[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and concerns only + one[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and concerns only resources from said entity type. For example, a workflow can be linked to `Directory_User` or `Directory_Department` according to the workflow's purpose, but not both together. - The aim of a workflow is to get input data (either a form or just an approval) from users involved diff --git a/docs/identitymanager/6.2/integration-guide/workflows/workflow-uses/index.md b/docs/identitymanager/6.2/integration-guide/workflows/workflow-uses/index.md index b171a2ee2c..0714e85242 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/workflow-uses/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/workflow-uses/index.md @@ -6,13 +6,13 @@ sidebar_position: 30 # Workflow Uses -An Identity Manager [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is the +An Identity Manager [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is the sequence of processes that a company has established to manage identities across the organization. Workflows makes an approval business process more efficient by managing and tracking all of the human tasks involved with the process and by providing a record of the process after it is completed. -The identity management [ Workflow ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) +The identity management [Workflow](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) can be broken into four key areas: ## 1. Onboarding diff --git a/docs/identitymanager/6.2/integration-guide/workflows/workflowhomonym/index.md b/docs/identitymanager/6.2/integration-guide/workflows/workflowhomonym/index.md index 9e3aa72035..be64b6075d 100644 --- a/docs/identitymanager/6.2/integration-guide/workflows/workflowhomonym/index.md +++ b/docs/identitymanager/6.2/integration-guide/workflows/workflowhomonym/index.md @@ -166,7 +166,7 @@ be checked must contain a layout fieldset control where: When the homonym entity link has no filter set and therefore the filter is calculated automatically, the homonym control form must only contain up to 5 controls where `Binding` attribute is defined. Indeed, a filter can only be defined on up to 5 properties, see filter definition in -[ Homonym Entity Link ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md). +[Homonym Entity Link](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md). ```
diff --git a/docs/identitymanager/6.2/introduction-guide/configuration/index.md b/docs/identitymanager/6.2/introduction-guide/configuration/index.md index 0250c7157b..492a63d845 100644 --- a/docs/identitymanager/6.2/introduction-guide/configuration/index.md +++ b/docs/identitymanager/6.2/introduction-guide/configuration/index.md @@ -44,20 +44,20 @@ This is the end of the introduction guide, so you should now be able to dive int ## Learn More Learn more on how to -[ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md). +[Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md). See the [User Guide](/docs/identitymanager/6.2/user-guide/index.md) topic to learn how to configure Identity Manager from scratch via the UI. See how to -[ Export the Configuration ](/docs/identitymanager/6.2/integration-guide/toolkit/export-configuration/index.md) +[Export the Configuration](/docs/identitymanager/6.2/integration-guide/toolkit/export-configuration/index.md) to XML files. See how to -[ Deploy the Configuration ](/docs/identitymanager/6.2/integration-guide/toolkit/deploy-configuration/index.md). +[Deploy the Configuration](/docs/identitymanager/6.2/integration-guide/toolkit/deploy-configuration/index.md). Learn more about the -[ XML Configuration Schema ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/index.md). +[XML Configuration Schema](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/index.md). Learn more about the [Network Configuration](/docs/identitymanager/6.2/integration-guide/network-configuration/index.md). diff --git a/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md b/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md index 7c1bc60497..45a5cecffe 100644 --- a/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md +++ b/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md @@ -63,7 +63,7 @@ automatically assign roles to users, or to categorize users and accounts, etc. ### Provisioning rules Just like identities, accounts are represented in Identity Manager by an -[ Identity Management ](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md) entity-relationship model. So Identity +[Identity Management](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md) entity-relationship model. So Identity Manager manages entitlements as resources' attribute values. > For example, giving specific Active Directory permissions to a new user means not only creating a @@ -138,7 +138,7 @@ assignments that do not comply with the configured rules. Rules can be triggered based on users' assigned roles, but also based on user data. -The [ Identity Management ](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md) model can be refined by configuring +The [Identity Management](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md) model can be refined by configuring dimensions: criteria from among resources' [attributes](https://en.wikipedia.org/wiki/Attribute-based_access_control) that will trigger the application of the rules. Then Identity Manager applies the rule for any resource whose value for a @@ -174,10 +174,10 @@ See the [Governance](/docs/identitymanager/6.2/introduction-guide/overview/gover ## Learn More -Learn more on the [ Role Model ](/docs/identitymanager/6.2/integration-guide/role-model/index.md). +Learn more on the [Role Model](/docs/identitymanager/6.2/integration-guide/role-model/index.md). Learn how to -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md). +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md). Learn more on hoe to [Create a Composite Role](/docs/identitymanager/6.2/user-guide/optimize/composite-role-creation/index.md). @@ -185,11 +185,11 @@ Learn more on hoe to Learn more on [Role Assignment](/docs/identitymanager/6.2/integration-guide/role-assignment/index.md). Learn more on -[ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md). +[Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md). Learn more on -[ Automate Role Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) +[Automate Role Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) rules. Learn more on the rules of -[ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md). +[Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md). diff --git a/docs/identitymanager/6.2/introduction-guide/overview/governance/index.md b/docs/identitymanager/6.2/introduction-guide/overview/governance/index.md index 6bd5d4f9e3..3d1d2dff4e 100644 --- a/docs/identitymanager/6.2/introduction-guide/overview/governance/index.md +++ b/docs/identitymanager/6.2/introduction-guide/overview/governance/index.md @@ -34,15 +34,15 @@ certification campaigns, risk management or reporting. ## Next Steps -Let's read some [ Use Case Stories ](/docs/identitymanager/6.2/introduction-guide/overview/use-cases/index.md). +Let's read some [Use Case Stories](/docs/identitymanager/6.2/introduction-guide/overview/use-cases/index.md). ## Learn More Learn more on [Governance](/docs/identitymanager/6.2/integration-guide/governance/index.md). -Learn more on how to [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md). +Learn more on how to [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md). Learn more on -[ Perform Access Certification ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md). +[Perform Access Certification](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md). -Learn more on how to [ Manage Risks ](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md). +Learn more on how to [Manage Risks](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md). diff --git a/docs/identitymanager/6.2/introduction-guide/overview/index.md b/docs/identitymanager/6.2/introduction-guide/overview/index.md index a22473d467..568ff85e22 100644 --- a/docs/identitymanager/6.2/introduction-guide/overview/index.md +++ b/docs/identitymanager/6.2/introduction-guide/overview/index.md @@ -27,7 +27,7 @@ We could explain Identity Manager's purpose like this: Typically, Identity Manager manages entitlements automatically according to a user's needs, for example Active Directory group memberships. ---- +**---** **First, we need to manage identities.** @@ -46,10 +46,10 @@ technology required for IGA-related data flows. ![Connectors](/img/product_docs/identitymanager/saas/introduction-guide/overview/overview_connectors.webp) -See more details on [ Identity Management ](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md) and connection between +See more details on [Identity Management](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md) and connection between systems. ---- +**---** **Then, we need to manage entitlements, in other words access rights, or permissions.** @@ -67,7 +67,7 @@ rules. ![Calculation](/img/product_docs/identitymanager/saas/introduction-guide/overview/overview_calculation.webp) ---- +**---** **Finally, we need to actually give identities their entitlements and then govern them.** @@ -82,7 +82,7 @@ Furthermore, Identity Manager provides a few workflows for entitlement request o modification, which often include approval from a third party, hence identities get their entitlements securely. -See the [ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional +See the [Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Thanks to the role model and data flows between Identity Manager and the managed systems, Identity diff --git a/docs/identitymanager/6.2/introduction-guide/overview/use-cases/index.md b/docs/identitymanager/6.2/introduction-guide/overview/use-cases/index.md index 371e77903a..7a2bfd856e 100644 --- a/docs/identitymanager/6.2/introduction-guide/overview/use-cases/index.md +++ b/docs/identitymanager/6.2/introduction-guide/overview/use-cases/index.md @@ -62,4 +62,4 @@ entitlements he needs in order to work, but not more to prevent security breache ## Next Steps -Let's learn about Identity Manager [ Architecture ](/docs/identitymanager/6.2/introduction-guide/architecture/index.md). +Let's learn about Identity Manager [Architecture](/docs/identitymanager/6.2/introduction-guide/architecture/index.md). diff --git a/docs/identitymanager/6.2/migration-guide/index.md b/docs/identitymanager/6.2/migration-guide/index.md index 7d5481d396..e0a302b8b2 100644 --- a/docs/identitymanager/6.2/migration-guide/index.md +++ b/docs/identitymanager/6.2/migration-guide/index.md @@ -9,9 +9,12 @@ sidebar_position: 50 This guide is designed to provide step-by-step procedures in order to migrate Identity Manager from your current version to the latest one. -**NOTE:** For the latest SaaS versions, if you are using the administrator scaffolding the necessary +:::note +For the latest SaaS versions, if you are using the administrator scaffolding the necessary permissions for the update are added to the administrator scaffolding and they will be taken into account the next time the configuration is deployed. +::: + ## General Upgrade Instructions for the Server with Integrated Agent diff --git a/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-execution/index.md b/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-execution/index.md index 6eee8db172..bc661c0cc6 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-execution/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-execution/index.md @@ -27,7 +27,7 @@ scheduling. | Input | Output | | ----------------------------------------------------------------------------------------------- | ---------------- | -| [ Schedule a Certification Campaign ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) (required) | Certified access | +| [Schedule a Certification Campaign](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) (required) | Certified access | ## Execute Certification diff --git a/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md b/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md index e48f070925..3dc682f51f 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md @@ -37,14 +37,14 @@ know which entitlements need to be reviewed. | Input | Output | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------- | -| Identity repository (required) [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md)(optional) [ Manage Risks ](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md)(optional) | Certified access | +| Identity repository (required) [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md)(optional) [Manage Risks](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md)(optional) | Certified access | -See the[ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md)topic +See the[Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md)topic for additional information. ## Perform Access Certification Perform access certification by proceeding as follows: -1. [ Schedule a Certification Campaign ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md). -2. [ Execute a Certification Campaign ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-execution/index.md). +1. [Schedule a Certification Campaign](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md). +2. [Execute a Certification Campaign](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-execution/index.md). diff --git a/docs/identitymanager/6.2/user-guide/administrate/assigned-roles/index.md b/docs/identitymanager/6.2/user-guide/administrate/assigned-roles/index.md index 8e7d602f28..18c3b848e8 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/assigned-roles/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/assigned-roles/index.md @@ -8,8 +8,11 @@ sidebar_position: 70 How to review user permissions grouped by categories. -**NOTE:** **Assigned Roles** is currently in a preview state and additional functionality will be +:::note +**Assigned Roles** is currently in a preview state and additional functionality will be added in a future release. +::: + ## Overview @@ -28,13 +31,13 @@ You can review all assigned single roles by category. Through filters you can ch ## Participants and Artifacts This operation should be performed by a user with the right permissions. See the -[ Configure a User Profile ](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for additional +[Configure a User Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. The following example provides the rights for the Administrator profile to see the Assigned Roles page on the **Entity Type** directory user. See the -[ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) and -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topics for +[Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) and +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topics for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the diff --git a/docs/identitymanager/6.2/user-guide/administrate/index.md b/docs/identitymanager/6.2/user-guide/administrate/index.md index b54e8973ee..92494eb3d6 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/index.md @@ -8,7 +8,7 @@ sidebar_position: 30 In the Admin section you can do the following: -- [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) +- [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) How to use Identity Manager's reporting modules to produce IGA reports for auditing and governance purposes. @@ -21,57 +21,57 @@ In the Admin section you can do the following: How to write to a managed system. -- [ Review Provisioning ](/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md) +- [Review Provisioning](/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md) How to review provisioning orders before generation. -- [ Provision Manually ](/docs/identitymanager/6.2/user-guide/administrate/provisioning/manual-provisioning/index.md) +- [Provision Manually](/docs/identitymanager/6.2/user-guide/administrate/provisioning/manual-provisioning/index.md) How to use Identity Managerto manually write to the managed systems. -- [ Provision Automatically ](/docs/identitymanager/6.2/user-guide/administrate/provisioning/automatic-provisioning/index.md) +- [Provision Automatically](/docs/identitymanager/6.2/user-guide/administrate/provisioning/automatic-provisioning/index.md) How to use Identity Manager to automatically write to the managed systems. -- [ Review Non-conforming Assignments ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/index.md) +- [Review Non-conforming Assignments](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/index.md) How to review non-conforming assignments, i.e. approve or decline the suggestions made by Identity Manager after every synchronization. The aim is to handle the differences between the values from the managed systems and those computed by Identity Manager's role model. -- [ Reconcile a Role ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) +- [Reconcile a Role](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) How to review non-conforming permissions, i.e. approve or decline the role suggestions made by Identity Manager after every synchronization. The aim is to handle the differences between the navigation values from the managed systems and those computed by Identity Manager according to the role catalog. -- [ Reconcile a Property ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) +- [Reconcile a Property](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) How to review unreconciled properties. The aim is to handle the differences between the property values from the managed systems and those computed by Identity Manager according to provisioning rules. -- [ Review an Unauthorized Account ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md) +- [Review an Unauthorized Account](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md) How to remediate unauthorized accounts. The aim is to review the accounts whose assignments don't comply with the rules of the role model. -- [ Perform Access Certification ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md) +- [Perform Access Certification](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md) How to certify existing access by reviewing a specific range of assigned permissions for auditing purposes. -- [ Schedule a Certification Campaign ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) +- [Schedule a Certification Campaign](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) How to create and schedule access certification campaigns, defining their scope. -- [ Execute a Certification Campaign ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-execution/index.md) +- [Execute a Certification Campaign](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-execution/index.md) How to execute access certification campaigns, i.e. review specific entitlement assignments and deprovision inappropriate access. -- [ Request Entitlement Assignment ](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md) +- [Request Entitlement Assignment](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md) How to send a manual request to add, update or remove an entitlement for an identity. diff --git a/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md b/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md index 12c468c6d9..cb6d71b593 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md @@ -26,8 +26,8 @@ manager, and on some occasions by the involved application owner. | ------------------------------------------------------ | -------------------- | | Identity repository (required) Role Catalog (required) | Updated entitlements | -See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) and -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topics for +See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) and +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topics for additional information. ## View Identity's Entitlements diff --git a/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/index.md b/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/index.md index c1282618de..5bf3035977 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/index.md @@ -24,9 +24,9 @@ Integrators must review three main types of non-conforming entitlement assignmen Unreconciled properties, unauthorized accounts and non-conforming roles are part of [Non-Conforming Assignments](/docs/identitymanager/6.2/integration-guide/role-assignment/nonconformingdetection/index.md). The global aim of the review is to handle the gaps between the -[ Existing Assignments ](/docs/identitymanager/6.2/integration-guide/role-assignment/existingassignmentsdeduction/index.md) +[Existing Assignments](/docs/identitymanager/6.2/integration-guide/role-assignment/existingassignmentsdeduction/index.md) (real values) and the -[ Conforming Assignments ](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md) +[Conforming Assignments](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md) (theoretical values computed by Identity Manager from the role model rules). A high number of non-conforming assignments can come from an issue in configuration rules. @@ -52,7 +52,7 @@ applications' entitlements (technical side), and/or managers who know their team The assignments specified as non-conforming during the very first execution of the role model are called pre-existing assignments. Pre-existing assignments are tagged differently from other non-conforming assignments by the -[ Save Pre-Existing Access Rights Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) +[Save Pre-Existing Access Rights Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) because they can indicate that: - The rules are not optimal yet. @@ -67,10 +67,10 @@ While there can be dependencies between the review of non-conforming roles and u properties, there are no absolute requirements regarding the sequential order of the non-conforming assignment review: -- Review [ Reconcile a Role ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md). -- Review [ Reconcile a Property ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md). -- [ Review an Unauthorized Account ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md). +- Review [Reconcile a Role](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md). +- Review [Reconcile a Property](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md). +- [Review an Unauthorized Account](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md). -[ Manage Risks ](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md) can be defined to highlight the most +[Manage Risks](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md) can be defined to highlight the most sensitive accounts/permissions, in order to establish a priority order in the review of non-conforming assignments. diff --git a/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md b/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md index 54e63ec2c3..d22f05f3d2 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md @@ -8,7 +8,7 @@ sidebar_position: 20 How to review unreconciled properties. The aim is to handle the differences between the property values from the managed systems and those computed by Identity Manager according to -[ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md). +[Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md). ## Overview diff --git a/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md b/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md index 7eb7c5565c..688a7bbabe 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md @@ -74,7 +74,7 @@ entitlements. Review a non-conforming permission by proceeding as follows: 1. Ensure that the - [ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) + [Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) was launched recently, through the complete job on the **Job Execution** page ![Home Page - Job Execution](/img/product_docs/identitymanager/saas/user-guide/set-up/synchronization/home_jobexecution_v602.webp) diff --git a/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md b/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md index d463d27f88..e630d15562 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md @@ -28,7 +28,7 @@ entitlements. Review an unauthorized account by proceeding as follows: 1. Ensure that the - [ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) + [Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) was launched recently, through the complete job on the **Job Execution** page: ![Home Page - Job Execution](/img/product_docs/identitymanager/saas/user-guide/set-up/synchronization/home_jobexecution_v602.webp) @@ -57,12 +57,12 @@ Review an unauthorized account by proceeding as follows: The displayed confidence rate means that a rule actually assigned the account to the identity, but with a confidence rate too low to imply full automatic assignment. Approval will be - required. See the [ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) + required. See the [Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topic for additional information. The **Resource Properties** frame shows all the properties of the resources. They can be updated by clicking on the edit button. See the - [ Reconcile a Property ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. + [Reconcile a Property](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. ![Edit Button](/img/product_docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/unauth_updateprop_v522.webp) diff --git a/docs/identitymanager/6.2/user-guide/administrate/orphan-unused-account-review/index.md b/docs/identitymanager/6.2/user-guide/administrate/orphan-unused-account-review/index.md index ae5ab0e6ee..e8d0593fe6 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/orphan-unused-account-review/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/orphan-unused-account-review/index.md @@ -24,7 +24,7 @@ through the menu items on the left of the home page, in the **Connectors** secti These entity type pages can be configured via XML to customize all displayed columns and available filters, especially the **Orphan** filter that spots uncorrelated resources, and the **Owner / Resource Type** column that shows the owner of each resource. See -the[ Create Menu Items ](/docs/identitymanager/6.2/integration-guide/ui/create-menu-items/index.md) topic for +the[Create Menu Items](/docs/identitymanager/6.2/integration-guide/ui/create-menu-items/index.md) topic for additional information on customization. ![Owner / Resource Type Column](/img/product_docs/identitymanager/saas/user-guide/administrate/reporting/orphan_entitytype_v523.webp) @@ -32,16 +32,19 @@ additional information on customization. In the **Orphan** field, select **Yes** to see all existing resources without an owner. In addition, filters can be configured in the reporting module to list orphaned accounts. See the -[ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. Choose to display +[Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. Choose to display **User** and **AD User** (nominative) with a filter on void user's display names. -**NOTE:** Some accounts are considered orphaned because of an error in the account data or +:::note +Some accounts are considered orphaned because of an error in the account data or assignment rule. For an entity that is never the target of a resource type, the concept of an orphan does not apply because the **Owner / Resource Type** column will be hidden. When using a display table to display these entities, use DisplayTableDesignElement``({{< relref "/integration-guide/toolkit/xml-configuration/user-interface/displaytable#properties" >}}) `"table"`` or `"adaptable"`. +::: + ### Unused accounts list @@ -83,7 +86,7 @@ return ((resource.lastLogonTimestamp == null) || Once this "unused" property is created, a list of all unused accounts can be displayed thanks to the filters in the query module, based on said property. See the -[ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. +[Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. The previous example about the AD's **isUnused** property can be complemented in the query module by displaying this property alongside users' **EmployeeId**. @@ -97,7 +100,7 @@ table below. | Input | Output | | ------------------------------------------------------------------------- | ------------------------------------ | -| [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) (required) | Removed orphaned and unused accounts | +| [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) (required) | Removed orphaned and unused accounts | ## Review an Orphaned Account @@ -145,9 +148,10 @@ You can **Select owner** from the list by clicking on the check box. - If the owner is still in the organization, the account must be connected to its owner. Is there a rule to change? -**NOTE:** We said that useful service accounts must be connected to their owners due to the fact +:::note +We said that useful service accounts must be connected to their owners due to the fact that an orphaned account cannot be certified. .See the -[ Perform Access Certification ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md) topic for additional information. +[Perform Access Certification](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md) topic for additional information. But a service account must not be linked to a person, for the departure of said person from the company may trigger the loss of the service account. This is why we create identities with **Application** as their **UserType**, each @@ -155,6 +159,8 @@ application-identity linked to a person supposed to manage it. Thus,service acco connected to application identities, themselves owned by people. That way, if the owner of the application leaves, the application-identity is not deleted, and the service accounts it owns are not deprovisioned. +::: + See the schema below this note. @@ -162,10 +168,16 @@ See the schema below this note. **Step 6 –** Select the appropriate owner or no owner at all, according to the previous analysis. -_Remember,_ decisions must be made with caution as they cannot be undone. +:::tip +Remember, decisions must be made with caution as they cannot be undone. +::: -**NOTE:** When binding an orphaned account to an existing owner, properties might need to be + +:::note +When binding an orphaned account to an existing owner, properties might need to be reconciled. +::: + **Step 7 –** Click on **Confirm Account Deletion** or **Authorize Account** according to the previous decision. diff --git a/docs/identitymanager/6.2/user-guide/administrate/provisioning/automatic-provisioning/index.md b/docs/identitymanager/6.2/user-guide/administrate/provisioning/automatic-provisioning/index.md index ccbb939dee..c97dda9787 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/provisioning/automatic-provisioning/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/provisioning/automatic-provisioning/index.md @@ -28,12 +28,12 @@ At this point, integrators should have all the elements they need to operate. | Input | Output | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | -| [ Review Provisioning ](/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md) (required) Automated provisioning to [Create a Connection](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md) (required) | Updated managed systems | +| [Review Provisioning](/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md) (required) Automated provisioning to [Create a Connection](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md) (required) | Updated managed systems | ## Implement Automated Provisioning automated provisioning is performed through a connection using a -[ References: Packages ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/index.md) for +[References: Packages](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/index.md) for fulfilling external systems. ## Perform Automated Provisioning @@ -56,7 +56,7 @@ In order to verify the process: ![Home Page - Directory User](/img/product_docs/identitymanager/saas/user-guide/set-up/configure-workflows/home_directoryuser_v523.webp) 2. Follow the manual assignment workflow through - [ Request Entitlement Assignment ](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md) to make a change in + [Request Entitlement Assignment](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md) to make a change in one of their permissions, which involves automated provisioning. 3. Perform automated provisioning and check in Identity Manager that the change was effectively made. diff --git a/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md b/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md index 115582ea13..d94820e1ae 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md @@ -24,7 +24,7 @@ When modeling your connectors, you had to decide what data you wanted Identity M within the external systems. You configured your connectors, and among other things you chose the appropriate connections and packages, to manage identities and their entitlements by writing directly to the managed systems. This is done through said connectors' provisioning capabilities. -See the [ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) and +See the [Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) and [Create a Connection](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md) topics for additional information. @@ -33,8 +33,8 @@ provisioning orders are generated in order to actually write said changes to the These changes can be written automatically or manually. Manual provisioning is used to involve humans and make them act on the external systems, instead of Identity Manager. Automatic provisioning is used to minimize human intervention and trust Identity Manager with role model -enforcement in external systems. See the [ Provision Manually ](/docs/identitymanager/6.2/user-guide/administrate/provisioning/manual-provisioning/index.md) and -[ Provision Automatically ](/docs/identitymanager/6.2/user-guide/administrate/provisioning/automatic-provisioning/index.md)topics for additional information. +enforcement in external systems. See the [Provision Manually](/docs/identitymanager/6.2/user-guide/administrate/provisioning/manual-provisioning/index.md) and +[Provision Automatically](/docs/identitymanager/6.2/user-guide/administrate/provisioning/automatic-provisioning/index.md)topics for additional information. ### Provisioning states @@ -57,7 +57,7 @@ Here is the list of provisioning states and their description: These states are detailed with their transitions on the individual pages specific to provisioning review, manual provisioning and automated provisioning. See the [Entitlement Assignment](/docs/identitymanager/6.2/integration-guide/role-assignment/assignments-of-entitlements/index.md) -and [ Review Provisioning ](/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md) topics for additional information. +and [Review Provisioning](/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md) topics for additional information. ### Provisioning review @@ -65,14 +65,14 @@ For security purposes, provisioning orders sometimes need to be reviewed before the managed system. Then, a user with the right entitlements accesses the **Provisioning Review** page. Users can either approve provisioning orders that will then be unblocked and finally propagated, or they can decline orders that will subsequently be ignored. See the -[ Configure a User Profile ](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md)topic for additional +[Configure a User Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md)topic for additional information. The review prior to the provisioning of entitlement assignments is usually performed based on the resource type of given identities. For example, the assignment of sensitive entitlements will require a review before being provisioned, whereas basic rights can be assigned at once. Therefore, resources must be carefully classified beforehand. See the -[ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topic for additional +[Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topic for additional information. ## Participants and Artifacts @@ -83,10 +83,10 @@ This operation should be performed in cooperation with the staff in charge of ma | ----------------------------------------------------------------------------------------------------------------------- | ------------------ | | Connector's data model (required) Classified resources (required) Provisioning Rules (required) Role catalog (required) | Provisioned system | -See the [ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md), -[ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md), -[ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md), and -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topics for +See the [Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md), +[Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md), +[Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md), and +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topics for additional information. ## Perform Provisioning diff --git a/docs/identitymanager/6.2/user-guide/administrate/provisioning/manual-provisioning/index.md b/docs/identitymanager/6.2/user-guide/administrate/provisioning/manual-provisioning/index.md index e1cc47c927..5b1fe087fc 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/provisioning/manual-provisioning/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/provisioning/manual-provisioning/index.md @@ -27,12 +27,12 @@ write permissions are required. | Input | Output | | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | -| [ Review Provisioning ](/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md) (required) Manual provisioning through [Create a Connection](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md) (required) | Updated managed systems | +| [Review Provisioning](/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md) (required) Manual provisioning through [Create a Connection](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md) (required) | Updated managed systems | ## Implement Manual Provisioning Manual provisioning is performed through a connection using the -[ Manual Ticket ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket/index.md). +[Manual Ticket](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/manual-ticket/index.md). Besides, for a resource to be manually provisioned, the corresponding resource type must be configured with the manual connection set to `Provisioning Connection` in the **Fulfill Settings**. @@ -78,7 +78,7 @@ In order to verify the process: ![Home Page - Directory User](/img/product_docs/identitymanager/saas/user-guide/set-up/configure-workflows/home_directoryuser_v523.webp) 2. Follow the workflow through - [ Request Entitlement Assignment ](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md) to make a change in + [Request Entitlement Assignment](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md) to make a change in one of their permissions, which involves manual provisioning. 3. Perform manual provisioning and check the provisioning state of the requested entitlement at every step, in the user's **View Permissions** tab. diff --git a/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md b/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md index 2ca40f4587..bb02765082 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md @@ -14,7 +14,7 @@ For security purposes, provisioning orders sometimes need to be reviewed before actually generated. Then, a user with the right permissions accesses the **Provisioning Review** page. They can either approve provisioning orders that will then be computed, generated and finally ready for actual provisioning, or they can decline orders that will subsequently be ignored. See the -[ Configure a User Profile ](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for +[Configure a User Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. ### Provisioning states @@ -30,22 +30,22 @@ This operation should be performed in cooperation with the staff in charge of ma | Input | Output | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------- | -| [ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) (required) [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) (required) | Provisioning orders | +| [Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) (required) [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) (required) | Provisioning orders | ## Implement Provisioning Review Provisioning review is configured for a given resource type. Therefore, you can decide to force the review of provisioning orders when -you[ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md). You +you[Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md). You can choose to: - Set the number of required approvals by a - [ Manage Role Officers ](/docs/identitymanager/6.2/user-guide/set-up/role-officer-management/index.md), via the + [Manage Role Officers](/docs/identitymanager/6.2/user-guide/set-up/role-officer-management/index.md), via the `Approval Workflow` option. - Enable a technical approval by the application owner, via the `Block provisioning orders` option. Provisioning review can also be triggered when a fulfillment error occurs. See -the[ Identity Management ](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md)topic +the[Identity Management](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md)topic for additional information. ## Review Provisioning Orders @@ -85,7 +85,7 @@ Identity Manager shows all the properties of the new resource to be created: See the [Entitlement Assignment](/docs/identitymanager/6.2/integration-guide/role-assignment/assignments-of-entitlements/index.md) -and [ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) topics for +and [Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) topics for additional information. Handle an addition order by proceeding as follows: @@ -109,13 +109,13 @@ Handle an addition order by proceeding as follows: ### Handle an association order Identity Manager displays a given owner and a given resource to be associated with a given -[ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md)and all resource +[Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md)and all resource properties to be verified: ![Association Order Review](/img/product_docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/provmanual_reviewassociation_v602.webp) - `Confidence rate of proposed resource`: rate expressing the confidence in this - [ Correlate Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md). + [Correlate Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md). - `Proposed Value`: value proposed by Identity Manager. - `Current Value`: value currently in the managed system. - `Provisioning State` @@ -126,7 +126,7 @@ properties to be verified: See the [Entitlement Assignment](/docs/identitymanager/6.2/integration-guide/role-assignment/assignments-of-entitlements/index.md) -and [ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) topics for +and [Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) topics for additional information. Handle an association order by proceeding as follows: @@ -167,7 +167,7 @@ Identity Manager shows a given resource and all resource properties to be verif See the [Entitlement Assignment](/docs/identitymanager/6.2/integration-guide/role-assignment/assignments-of-entitlements/index.md) -and [ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) topics for +and [Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) topics for additional information. Handle an update order by proceeding as follows: @@ -230,7 +230,7 @@ In order to verify the process: ![Home Page - Directory User](/img/product_docs/identitymanager/saas/user-guide/set-up/configure-workflows/home_directoryuser_v523.webp) -2. Follow the [ Request Entitlement Assignment ](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md) workflow +2. Follow the [Request Entitlement Assignment](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md) workflow to make a change in one of their permissions, which involves provisioning review. 3. Check that the provisioning state is `Pending` in the user's **View Permissions** tab. diff --git a/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md b/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md index 4b2616969a..e1eb6fe9d8 100644 --- a/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md +++ b/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md @@ -60,7 +60,7 @@ Identity Manager provides a selection of predefined reports available in the so represent the most common use cases. The accessibility of these predefined reports was configured during profile configuration. See the -[ Configure a User Profile ](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md)topic for additional +[Configure a User Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md)topic for additional information. Download predefined reports by proceeding as follows: @@ -85,12 +85,12 @@ information. When facing a one-time need for producing specific reports, Identity Manager's Query module helps display attributes chosen from the data which is already synchronized and classified. See the -[ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) and -[ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topics for additional +[Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) and +[Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topics for additional information. This module offers the possibility to customize reports and download them. The Query module is based on predefined -[ Universe ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) +[Universe](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) that can be adjusted later on in XML configuration, just like the list of available query models. Create a custom report by proceeding as follows: @@ -103,14 +103,14 @@ Create a custom report by proceeding as follows: 2. Choose a query model from among the list. 3. Click on **Fields to Display** and select the appropriate fields from among the database - [ Universe ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) + [Universe](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) and click on **Confirm**. ![Fields to Display](/img/product_docs/identitymanager/saas/user-guide/administrate/reporting/reporting_fieldstodisplay_v522.webp) In cases where Identity Manager doesn't display correctly the information you need, you must try to understand the entity instances and association instances that constitute the - [ Universe ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) + [Universe](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) that you are working with. Perhaps the fields that you chose cannot be properly correlated. 4. Click on **Filters**, write the appropriate condition and click on **Confirm**. diff --git a/docs/identitymanager/6.2/user-guide/deploy/index.md b/docs/identitymanager/6.2/user-guide/deploy/index.md index 7fd146c47f..1754e73a78 100644 --- a/docs/identitymanager/6.2/user-guide/deploy/index.md +++ b/docs/identitymanager/6.2/user-guide/deploy/index.md @@ -6,33 +6,33 @@ sidebar_position: 50 # Deploy -- [ Plan Change Management ](/docs/identitymanager/6.2/user-guide/deploy/change-management/index.md) +- [Plan Change Management](/docs/identitymanager/6.2/user-guide/deploy/change-management/index.md) How to anticipate the deep changes in the organization's applications and processes due to Identity Manager installation as a new IGA tool. -- [ Install the Production Agent ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/index.md) +- [Install the Production Agent](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/index.md) How to install a local agent for production environment. -- [ Configure the Agent's Settings ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/settings-files/index.md) +- [Configure the Agent's Settings](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/settings-files/index.md) How to configure the agent's application settings via the `web.config`, `appsettings.json` and `appsettings.agent.json` files. -- [ Install IIS via Server Manager ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-installation/index.md) +- [Install IIS via Server Manager](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-installation/index.md) How to configure the local server to install IIS via Server Manager. -- [ Configure the Pool and Site ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md) +- [Configure the Pool and Site](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md) How to configure the application pool and website via IIS. -- [ Set the Working Directory's Permissions ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/directory-permissions/index.md) +- [Set the Working Directory's Permissions](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/directory-permissions/index.md) How to assign to the pool the right permissions on the working directory. -- [ Finalize the Installation ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/finalization/index.md) +- [Finalize the Installation](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/finalization/index.md) How to finalize the installation of the agent. diff --git a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/directory-permissions/index.md b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/directory-permissions/index.md index e05a13116c..8a8a79c24b 100644 --- a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/directory-permissions/index.md +++ b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/directory-permissions/index.md @@ -59,4 +59,4 @@ Set the working directory's permissions by proceeding as follows: ## Next Steps -To continue, [ Finalize the Installation ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/finalization/index.md)in a few steps. +To continue, [Finalize the Installation](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/finalization/index.md)in a few steps. diff --git a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/finalization/index.md b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/finalization/index.md index d2983f8295..5b0d8ddb45 100644 --- a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/finalization/index.md +++ b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/finalization/index.md @@ -21,15 +21,15 @@ Finalize the installation of the agent by proceeding as follows: [Windows' hosting bundle for ASP.Net Runtime](https://dotnet.microsoft.com/en-us/download/dotnet/8.0). If the bundle was installed before - [ Configure the Pool and Site ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md), then IIS might not display the + [Configure the Pool and Site](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md), then IIS might not display the AspNetCore module and Identity Manager will not run. In this case, relaunch the bundle's installation executable to perform a repair. 2. When using a proxy, adjust the configuration accordingly. See the - [ Reverse Proxy ](/docs/identitymanager/6.2/installation-guide/reverse-proxy/index.md)topic for additional + [Reverse Proxy](/docs/identitymanager/6.2/installation-guide/reverse-proxy/index.md)topic for additional information. ## Next Steps To continue, follow the instructions to verify the agent's installation. See the -[ Install the Production Agent ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/index.md) topic for additional information. +[Install the Production Agent](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md index 366454a6ee..57ec06314a 100644 --- a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md +++ b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md @@ -70,4 +70,4 @@ Configure the application pool and site by proceeding as follows: ## Next Steps -To continue, [ Set the Working Directory's Permissions ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/directory-permissions/index.md). +To continue, [Set the Working Directory's Permissions](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/directory-permissions/index.md). diff --git a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-installation/index.md b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-installation/index.md index 136fece9cf..44d8028f26 100644 --- a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-installation/index.md +++ b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-installation/index.md @@ -49,4 +49,4 @@ Install IIS via Server Manager by proceeding as follows: ## Next Steps -To continue,[ Configure the Pool and Site ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md)and website via IIS. +To continue,[Configure the Pool and Site](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md)and website via IIS. diff --git a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/index.md b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/index.md index 047a78cf38..4c4f3c28cf 100644 --- a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/index.md +++ b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Install the Production Agent This guide shows how to install an agent separated from the server, for production environment. See -the [ Architecture ](/docs/identitymanager/6.2/introduction-guide/architecture/index.md)topic for additional +the [Architecture](/docs/identitymanager/6.2/introduction-guide/architecture/index.md)topic for additional information. ## Overview @@ -15,7 +15,7 @@ information. Like all agents, the production agent aims to extract data from a given managed system, and transmit said data to the Identity Manager server. If necessary, the agent also enables the managed system's provisioning according to the orders computed by the Identity Manager server. See the -[ Architecture ](/docs/identitymanager/6.2/introduction-guide/architecture/index.md) topic for additional +[Architecture](/docs/identitymanager/6.2/introduction-guide/architecture/index.md) topic for additional information. Identity Manager solution can use several agents, each of them manages a given system. This section @@ -23,13 +23,13 @@ is about installing the agent managing the production environment. Once agents are configured in addition to the default one provided by SaaS, you need to think about what agent to choose during each -[ Create the Connector ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md)declaration. The +[Create the Connector](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md)declaration. The appropriate agent has access to the managed system. ## Requirements Ensure that all -[ Agent ](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md)requirements can be +[Agent](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md)requirements can be met before starting the installation of the production agent. Requirements for the agent installation can change over the course of the project, according to the @@ -50,20 +50,20 @@ Integrators should have all the elements they need to operate. | Input | Output | | -------------------------------------------------------------------------------------------------------- | ---------------- | -| [ Agent ](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) prerequisites (required) | Production agent | +| [Agent](/docs/identitymanager/6.2/installation-guide/requirements/agent-requirements/index.md) prerequisites (required) | Production agent | ## Install the Production Agent Install the production agent by proceeding as follows: -1. [ Create a Working Directory ](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) +1. [Create a Working Directory](/docs/identitymanager/6.2/installation-guide/production-ready/working-directory/index.md) and make sure it contains the folders: `Mails`; `Sources`; `Temp`; `Work`. -2. [ Configure the Agent's Settings ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/settings-files/index.md) via the `web.config`, +2. [Configure the Agent's Settings](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/settings-files/index.md) via the `web.config`, `appsettings.json` and `appsettings.agent.json` files. -3. Configure the local server to [ Install IIS via Server Manager ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-installation/index.md). -4. [ Configure the Pool and Site ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md) via IIS. -5. [ Set the Working Directory's Permissions ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/directory-permissions/index.md). -6. [ Finalize the Installation ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/finalization/index.md). +3. Configure the local server to [Install IIS via Server Manager](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-installation/index.md). +4. [Configure the Pool and Site](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-configuration/index.md) via IIS. +5. [Set the Working Directory's Permissions](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/directory-permissions/index.md). +6. [Finalize the Installation](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/finalization/index.md). ## Verify Agent Installation diff --git a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/settings-files/index.md b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/settings-files/index.md index 75224a232f..bbb5b61ad1 100644 --- a/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/settings-files/index.md +++ b/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/settings-files/index.md @@ -34,7 +34,7 @@ Configure the agent's settings by proceeding as follows: ``` - web.config +**web.config** ... ... @@ -48,35 +48,27 @@ Configure the agent's settings by proceeding as follows: - **IdentityServer** contains the encryption certificate's path and password provided by Netwrix Identity Manager (formerly Usercube) team, in order to secure agent/server identification; - > For example: - > - > ``` - > - > appsettings.json - > - > "IdentityServer": { - > "X509KeyFilePath": "./identitymanager.pfx", - > "X509KeyFilePassword": "secret" - > } - > - > ``` + For example (in `appsettings.json`): + + ```json + "IdentityServer": { + "X509KeyFilePath": "./identitymanager.pfx", + "X509KeyFilePassword": "secret" + } + ``` - you get an encryption certificate which will be used to encrypt specific files such as logs or temporary files, and that **EncryptionCertificate** contains its path and password; - > For example: - > - > ``` - > - > appsettings.json - > - > "EncryptionCertificate": { - > "File": "./identitymanager-Files.pfx", - > "Password": "secret", - > "EncryptFile": true - > } - > - > ``` + For example (in `appsettings.json`): + + ```json + "EncryptionCertificate": { + "File": "./identitymanager-Files.pfx", + "Password": "secret", + "EncryptFile": true + } + ``` **EncryptFile** can stay set to `false` while verifying the agent installation, but for security reasons it must be set to `true` afterwards. @@ -87,30 +79,24 @@ Configure the agent's settings by proceeding as follows: - **ApplicationUri** contains the server's address, provided by Netwrix Identity Manager (formerly Usercube) team when working in a SaaS environment; - > For example: - > - > ``` - > - > appsettings.json - > - > "ApplicationUri": "http://localhost:5000" - > - > ``` + For example (in `appsettings.json`): + + ```json + "ApplicationUri": "http://localhost:5000" + ``` Do not write a `/` character at the end of the string. - **Cors** > **AllowAnyHeader**, **AllowAnyMethod** and **AllowCredentials** are set to `true`; - ``` - - appsettings.json - - "Cors": { - "AllowAnyHeader": "true", - "AllowAnyMethod": "true", - "AllowCredentials": "true" - } + For example (in `appsettings.json`): + ```json + "Cors": { + "AllowAnyHeader": "true", + "AllowAnyMethod": "true", + "AllowCredentials": "true" + } ``` 4. Open `appsettings.agent.json` and make sure that: @@ -120,151 +106,121 @@ Configure the agent's settings by proceeding as follows: [appsettings.agent](/docs/identitymanager/6.2/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic for additional information.. - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "OpenId": { - > "AgentIdentifier": "MyAgent" - > } - > - > ``` - > - > With the following configuration: - > - > ``` - > - > - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "OpenId": { + "AgentIdentifier": "MyAgent" + } + ``` + + With the following configuration: + + For example (in XML): + + ```xml + + ``` - **OpenId** > **OpenIdClients** > **Job** contains the non-hashed value of the password of "Job-Remote" provided by NETWRIX' team - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "OpenId": { - > "AgentIdentifier": "MyAgent", - > "OpenIdClients": { - > "Job": "secret" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "OpenId": { + "AgentIdentifier": "MyAgent", + "OpenIdClients": { + "Job": "secret" + } + } + ``` and add the hashed value of this password to the `OpenIdClient` named `Job` from the XML configuration; - > For example: - > - > ``` - > - > - > - > ``` + For example (in XML): + + ```xml + + ``` - **OpenId** > **DefaultOpenIdClient** is set to `Job`; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "OpenId": { - > "AgentIdentifier": "MyAgent", - > "OpenIdClients": { - > "Job": "secret" - > }, - > "DefaultOpenIdClient": "Job" - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "OpenId": { + "AgentIdentifier": "MyAgent", + "OpenIdClients": { + "Job": "secret" + }, + "DefaultOpenIdClient": "Job" + } + ``` - **PasswordResetSettings** > **TwoFactorSettings** > **ApplicationUri** contains the server's address, provided by NETWRIX' team when working in a SaaS environment; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "PasswordResetSettings": { - > "TwoFactorSettings": { - > "ApplicationUri": "http://localhost:5000" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "PasswordResetSettings": { + "TwoFactorSettings": { + "ApplicationUri": "http://localhost:5000" + } + } + ``` - **PasswordResetSettings** > **EncryptionCertificate** contains contains the path and password of the certificate used to secure password tokens; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "PasswordResetSettings": { - > "TwoFactorSettings": { - > "ApplicationUri": "http://localhost:5000" - > }, - > "EncryptionCertificate": { - > "File": "../identitymanager.pfx", - > "Password": "secret" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "PasswordResetSettings": { + "TwoFactorSettings": { + "ApplicationUri": "http://localhost:5000" + }, + "EncryptionCertificate": { + "File": "../identitymanager.pfx", + "Password": "secret" + } + } + ``` - **PasswordResetSettings** > **MailSettings** > **PickupDirectory** is set to the `Mails` folder and **FromAddress** to `no-reply@.com`; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "PasswordResetSettings": { - > "TwoFactorSettings": { - > "ApplicationUri": "http://localhost:5000" - > }, - > "EncryptionCertificate": { - > "File": "../identitymanager.pfx", - > "Password": "secret" - > }, - > "MailSettings": { - > "PickupDirectory": "../Mails", - > "FromAddress": "no-reply@contoso.com" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "PasswordResetSettings": { + "TwoFactorSettings": { + "ApplicationUri": "http://localhost:5000" + }, + "EncryptionCertificate": { + "File": "../identitymanager.pfx", + "Password": "secret" + }, + "MailSettings": { + "PickupDirectory": "../Mails", + "FromAddress": "no-reply@contoso.com" + } + } + ``` - **SourcesRootPaths** contains the path to the `Sources` folder. - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "SourcesRootPaths": [ - > "C:/identitymanager/Sources" - > ] - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "SourcesRootPaths": [ + "C:/identitymanager/Sources" + ] + ``` ## Next Steps To continue,see the local server to -[ Install IIS via Server Manager ](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-installation/index.md). +[Install IIS via Server Manager](/docs/identitymanager/6.2/user-guide/deploy/production-agent-installation/iis-installation/index.md). diff --git a/docs/identitymanager/6.2/user-guide/global-process/howto-maintaindirectory/index.md b/docs/identitymanager/6.2/user-guide/global-process/howto-maintaindirectory/index.md index 6915ddc640..267a13f9a6 100644 --- a/docs/identitymanager/6.2/user-guide/global-process/howto-maintaindirectory/index.md +++ b/docs/identitymanager/6.2/user-guide/global-process/howto-maintaindirectory/index.md @@ -15,6 +15,6 @@ How to keep the workforce directory up to date. ## Process Details Be aware that the integration of an IGA tool is an iterative process. Thus, after following -the[ How to Start ](/docs/identitymanager/6.2/user-guide/global-process/howto-start/index.md) process and creating the workforce directory, you can +the[How to Start](/docs/identitymanager/6.2/user-guide/global-process/howto-start/index.md) process and creating the workforce directory, you can come back at any time and complete the directory that you started -[ Update Identity Data ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/index.md). +[Update Identity Data](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/index.md). diff --git a/docs/identitymanager/6.2/user-guide/global-process/howto-newsystem/index.md b/docs/identitymanager/6.2/user-guide/global-process/howto-newsystem/index.md index 06169cffff..1d5b9a9565 100644 --- a/docs/identitymanager/6.2/user-guide/global-process/howto-newsystem/index.md +++ b/docs/identitymanager/6.2/user-guide/global-process/howto-newsystem/index.md @@ -18,17 +18,17 @@ The **option A** leads quickly to the implementation in production environment, application in Identity Manager's scope. With this, you can [Review Orphaned and Unused Accounts](/docs/identitymanager/6.2/user-guide/administrate/orphan-unused-account-review/index.md), [Provision](/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md) the AD, -[ Reconcile a Property ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md), -and [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example the list of profiles +[Reconcile a Property](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md), +and [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example the list of profiles assigned to users. The **option B** takes more time as it goes through the creation of the role model based on the system's entitlements, but it leads to even more gain as you can also -[ Reconcile a Role ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md), -[ Perform Access Certification ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md)access +[Reconcile a Role](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md), +[Perform Access Certification](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md)access certification and -[ Request Entitlement Assignment ](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md), and also -[ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example the list of assigned single +[Request Entitlement Assignment](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md), and also +[Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example the list of assigned single roles. The option B is more complicated and time-consuming than the option A, but leads to more gain. Be @@ -40,21 +40,21 @@ aware that you can go through the process options simultaneously. ### Common starting steps -1. [ Connect to a Managed System ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md): create the appropriate +1. [Connect to a Managed System](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md): create the appropriate connector with its connections and entity types. -2. [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) into Identity Manager. +2. [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) into Identity Manager. - Based on this, you can [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example + Based on this, you can [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example the list of resources in the system. A few predefined reports are available from the start, you can generate any report from this list as soon as it makes sense according to the integration progress. -3. [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) in order to classify them +3. [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) in order to classify them according to their intent, and correlate these resources with their owners. -4. [ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) to write to the +4. [Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) to write to the system in order to update the resources' properties directly in the system. 5. Adjust the rules by - [ Reconcile a Property ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) + [Reconcile a Property](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) resources, i.e. analyze the differences spotted between the reality of resources' properties and those computed by the previously established rules. Especially, verify that accounts are correlated to the right owners and that their properties have the right values. @@ -74,9 +74,9 @@ Go directly to the common final steps (step 8). ### Option B: First build the role model -6. [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) for +6. [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) for applications managed by the system. -7. [ Automate Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md) if needed: use Role +7. [Automate Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md) if needed: use Role Mining to create single role rules in bulk; adjust the generated rules individually and manually. ### Common final steps diff --git a/docs/identitymanager/6.2/user-guide/global-process/howto-start/index.md b/docs/identitymanager/6.2/user-guide/global-process/howto-start/index.md index 521b4c79ee..887ea6acee 100644 --- a/docs/identitymanager/6.2/user-guide/global-process/howto-start/index.md +++ b/docs/identitymanager/6.2/user-guide/global-process/howto-start/index.md @@ -15,7 +15,7 @@ There is no option fundamentally better than the others, your decision must depe The **option 1** leads quickly to identity management, i.e. users' on-boarding/movement/off-boarding without needing a periodic synchronization. See the -[ Update Identity Data ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/index.md) topic for additional +[Update Identity Data](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/index.md) topic for additional information. The **option 2A** takes more time as it requires the installation of an agent on your network in @@ -23,16 +23,16 @@ order to connect Identity Manager to the system and use the AD's data, but it le you can also [Review Orphaned and Unused Accounts](/docs/identitymanager/6.2/user-guide/administrate/orphan-unused-account-review/index.md), [Provision](/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md) the AD, -[ Reconcile a Property ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md)properties, -and [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example the list of profiles +[Reconcile a Property](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md)properties, +and [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example the list of profiles assigned to users. The **option 2B** takes even more time as it goes through the creation of the role model based on the system's entitlements, but it leads to even more gain as you can also -[ Reconcile a Role ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md), -[ Perform Access Certification ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md) and -[ Request Entitlement Assignment ](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md), and also -[ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example the list of assigned single +[Reconcile a Role](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md), +[Perform Access Certification](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md) and +[Request Entitlement Assignment](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md), and also +[Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example the list of assigned single roles. The options 2A and 2B are more complicated and time-consuming than the option 1, but lead to more @@ -48,8 +48,8 @@ simultaneously. ### Common starting steps -1. [ Install the Development Environment ](/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md). -2. [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md): configure +1. [Install the Development Environment](/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md). +2. [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md): configure the generation of unique properties; load workforce identities to Identity Manager; adjust the data model. @@ -69,25 +69,25 @@ Go directly to the common final steps (step 10). Starting with an external system requires the installation of a local agent. 3. Connect Identity Manager to the system by creating a connector. See the - [ Connect to a Managed System ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) topic for additional + [Connect to a Managed System](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) topic for additional information. -4. [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md)the system's data into Identity +4. [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md)the system's data into Identity Manager. - Based on this, you can [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example + Based on this, you can [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md), for example the list of resources in the system. A few predefined reports are available from the start, you can generate any report from this list as soon as it makes sense according to the integration progress. -5. [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) in order to classify them +5. [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) in order to classify them according to their intent, and correlate these resources with their owners. -6. [ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) to write to the +6. [Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) to write to the system in order to update the resources' properties directly in the system. 7. Adjust the rules by reconciling resources, i.e. analyze the differences spotted between the reality of resources' properties and those computed by the previously established rules. Especially, verify that accounts are correlated to the right owners and that their properties have the right values. See the - [ Reconcile a Property ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) + [Reconcile a Property](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. Either the integrator handles the customization of the rules and the review of non-conforming @@ -105,9 +105,9 @@ Go directly to the common final steps (step 10). ### Option 2B: First build the role model -8. [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) for +8. [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) for applications managed by the system. -9. [ Automate Role Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) +9. [Automate Role Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) if needed: use Role Mining to create single role rules in bulk; adjust the generated rules individually and manually. @@ -115,7 +115,7 @@ Go directly to the common final steps (step 10). 10. Adjust HR workflows to keep the workforce directory updated (only in XML configuration). 11. Define the permissions for your user profiles. See the - [ Configure a User Profile ](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for + [Configure a User Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. 12. Define the authentication mode by configuring `SelectUserByIdentityQueryHandlerSetting` (only in XML configuration), and [Assign Users a Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-assignment/index.md) diff --git a/docs/identitymanager/6.2/user-guide/global-process/index.md b/docs/identitymanager/6.2/user-guide/global-process/index.md index cac0cf93c6..f0d3874fde 100644 --- a/docs/identitymanager/6.2/user-guide/global-process/index.md +++ b/docs/identitymanager/6.2/user-guide/global-process/index.md @@ -15,14 +15,14 @@ Be aware that the integration of an IGA tool is an iterative process. There is n process. This user guide provides the following processes that can follow one another and intertwine. -- [ How to Start ](/docs/identitymanager/6.2/user-guide/global-process/howto-start/index.md) +- [How to Start](/docs/identitymanager/6.2/user-guide/global-process/howto-start/index.md) How to start integrating Identity Manager with your own needs. -- [ How to Maintain the Workforce Directory ](/docs/identitymanager/6.2/user-guide/global-process/howto-maintaindirectory/index.md) +- [How to Maintain the Workforce Directory](/docs/identitymanager/6.2/user-guide/global-process/howto-maintaindirectory/index.md) How to keep the workforce directory up to date. -- [ How to Implement a New System ](/docs/identitymanager/6.2/user-guide/global-process/howto-newsystem/index.md) +- [How to Implement a New System](/docs/identitymanager/6.2/user-guide/global-process/howto-newsystem/index.md) How to add a new system to the solution. diff --git a/docs/identitymanager/6.2/user-guide/index.md b/docs/identitymanager/6.2/user-guide/index.md index 4d8179428a..ce573f021b 100644 --- a/docs/identitymanager/6.2/user-guide/index.md +++ b/docs/identitymanager/6.2/user-guide/index.md @@ -52,7 +52,7 @@ contribute to a same goal. While some activities must be carried out before others for technical and/or functional reasons, the order is not absolute. Please follow the instructions and recommendations detailed with the -[ Global Process ](/docs/identitymanager/6.2/user-guide/global-process/index.md). +[Global Process](/docs/identitymanager/6.2/user-guide/global-process/index.md). All activities are organized into bigger sections which are distinguishable by their functional intent: set up; administrate; optimize; deploy and maintain. @@ -88,7 +88,7 @@ Identity Manager is already running in production. ## How to Use this Guide -Start by studying the [ Global Process ](/docs/identitymanager/6.2/user-guide/global-process/index.md). that details every activity in +Start by studying the [Global Process](/docs/identitymanager/6.2/user-guide/global-process/index.md). that details every activity in their respective sections and how they relate to one another. You will get a good view of the steps to take from start to finish. diff --git a/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/index.md b/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/index.md index 6267d82b71..453b6131b3 100644 --- a/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/index.md +++ b/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/index.md @@ -32,7 +32,7 @@ Integrators are able to perform an identity update if they master the new data. | ----------------------------------------------------------- | --------------------------- | | Identity repository (required) New identity data (required) | Updated identity repository | -See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic +See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Modify Identity Data @@ -40,9 +40,9 @@ for additional information. Modify identity data by proceeding as follows, according to the changes to be made: - either update data individually by using predefined workflows in the UI; See the - [ Update an Individual Identity ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md) topic for additional information. + [Update an Individual Identity](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md) topic for additional information. - or perform a same change on several identities simultaneously by using Identity Manager's - predefined workflow in the UI; See the [ Update Identities in Bulk ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md) topic + predefined workflow in the UI; See the [Update Identities in Bulk](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md) topic for additional information. - or update data on a massive scale by uploading an external file into Identity Manager, as an incremental version of the identity repository. diff --git a/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md b/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md index acc38a3466..dd8125c043 100644 --- a/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md +++ b/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md @@ -28,7 +28,7 @@ department. | ----------------------------------------------------------- | --------------------------- | | Identity repository (required) New identity data (required) | Updated identity repository | -See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) +See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Declare a New Identity @@ -45,7 +45,7 @@ Declare a new worker by proceeding as follows: 3. Follow the workflow's instructions to fill the form with the user's data, choose the user's entitlements from your role catalog and send the request. See the - [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) + [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Act on an Existing Identity diff --git a/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md b/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md index 5e7a167d94..2078278eb0 100644 --- a/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md +++ b/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md @@ -30,7 +30,7 @@ Identity data can be updated most often in cooperation with the HR department. | ----------------------------------------------------------- | --------------------------- | | Identity repository (required) New identity data (required) | Updated identity repository | -See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) +See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Update Data in Complete Mode @@ -59,7 +59,7 @@ Mass update identity data (in complete mode) by proceeding as follows: 8. Click on **Save & Close**. 9. Back on the connector's page, launch synchronization. See the - [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topic for additional information. + [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topic for additional information. Be cautious about thresholds. @@ -88,7 +88,7 @@ Mass update identity data (in incremental mode) by proceeding as follows: - `Delete` to remove attributes from the datamodel; Instead of using `Delete`, you can scan the data model to exclude unused attributes. See the - [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) + [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. - `Merge` to input an identity's data and modify the corresponding attributes if said identity @@ -108,7 +108,7 @@ Mass update identity data (in incremental mode) by proceeding as follows: 8. Click on **Save & Close**. 9. Back on the connector's page, launch synchronization. See the - [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topic for additional information. + [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topic for additional information. Be cautious about thresholds. @@ -134,4 +134,4 @@ In order to verify the process: - Create reports with indicators on the workers number per type or per organization for example (through Identity Manager' predefined reports, the Query module or Power BI), in order to ensure that Identity Manager's content sticks to reality. See the - [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. + [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/multiple-update/index.md b/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/multiple-update/index.md index 91ffd54466..a053300f64 100644 --- a/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/multiple-update/index.md +++ b/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/multiple-update/index.md @@ -27,7 +27,7 @@ department. | ----------------------------------------------------------- | --------------------------- | | Identity repository (required) New identity data (required) | Updated identity repository | -See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) +See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Update @@ -72,4 +72,4 @@ In order to verify the process: - Create reports with indicators, for example, on the number of workers per type or per organization (through Identity Manager's predefined reports, the Query module or Power BI), to ensure that Identity Manager's content sticks to reality. See the - [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. + [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/user-guide/maintain/index.md b/docs/identitymanager/6.2/user-guide/maintain/index.md index dcf3f35080..b120cb94fd 100644 --- a/docs/identitymanager/6.2/user-guide/maintain/index.md +++ b/docs/identitymanager/6.2/user-guide/maintain/index.md @@ -6,24 +6,24 @@ sidebar_position: 60 # Maintain -- [ Update Identity Data ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/index.md) +- [Update Identity Data](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/index.md) How to perform modifications in the identity repository, to manage onboarding, offboarding and position changes. - - [ Update an Individual Identity ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md) + - [Update an Individual Identity](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md) How to perform changes in data for a single identity, through the UI. - - [ Update Multiple Identities ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/multiple-update/index.md) + - [Update Multiple Identities](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/multiple-update/index.md) How to perform a same change in data for several identities simultaneously, through the UI. - - [ Update Identities in Bulk ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md) + - [Update Identities in Bulk](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md) How to perform a mass change in identity data, by uploading a complete or incremental version of the identity repository. -- [ Troubleshoot ](/docs/identitymanager/6.2/user-guide/maintain/troubleshooting/index.md) +- [Troubleshoot](/docs/identitymanager/6.2/user-guide/maintain/troubleshooting/index.md) How to troubleshoot Identity Manager when facing technical issues. diff --git a/docs/identitymanager/6.2/user-guide/maintain/troubleshooting/index.md b/docs/identitymanager/6.2/user-guide/maintain/troubleshooting/index.md index cce6f53a25..577f872ea5 100644 --- a/docs/identitymanager/6.2/user-guide/maintain/troubleshooting/index.md +++ b/docs/identitymanager/6.2/user-guide/maintain/troubleshooting/index.md @@ -17,7 +17,7 @@ to give some clues and use cases in order to solve usual issues. > IP address is being changed, or an important password is being modified. See the -[ Troubleshoot Connector Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md) +[Troubleshoot Connector Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md) troubleshooting instructions concerning connector jobs. ### Prerequisites @@ -71,7 +71,7 @@ If a synchronization threshold is exceeded, then check whether the threshold is it means that the warning comes from a change in the managed system, so you should fix the data directly in the managed system. -See more details on [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) thresholds. +See more details on [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) thresholds. ## Troubleshoot Provisioning Issues @@ -81,7 +81,7 @@ If provisioning orders are blocked while expected to be automatic, it can come f - the **Require Provisioning Review** option being enabled in the related resource type; - the role model being computed through the - [ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) + [Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) or the corresponding executable, with the block provisioning option; - a provisioning order being already blocked for the same resource due to a prior operation; - a correlation/classification rule with a confidence rate below 100%, which means that either diff --git a/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md b/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md index d546a6e4b4..295810efc0 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md @@ -7,7 +7,7 @@ sidebar_position: 10 # Automate Role Assignments How to manually build rules to automate the assignment of roles to identities. See -the[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) +the[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Overview @@ -15,7 +15,7 @@ topic for additional information. Single role rules and composite role rules are assignment rules. Assignment rules are designed to automatically assign respectively single roles and composite roles (based on specific criteria) to identities. One rule must be created for every role to assign. See -the[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) +the[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Participants and Artifacts @@ -27,7 +27,7 @@ application's users, entitlements and data model. | ----------------------- | --------------------- | | Role Catalog (required) | Role assignment rules | -See the[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) +See the[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Create a Role Assignment Rule @@ -75,7 +75,7 @@ Create a role assignment rule by proceeding as follows: ## Impact of Modifications Any modification in a role assignment rule is taken into account when the next -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) runs to compute new assignments. Therefore, if a given rule's criterion is modified, then all corresponding assignments are computed again. If a role was assigned automatically to an identity by a role assignment rule, and if this assignment doesn't comply with the new version of the rule, then @@ -91,7 +91,7 @@ system. > `Orleans` department get said role, while the users in the `Tours` department are deprived of said > role. -[ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) is available in order to anticipate the changes +[Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) is available in order to anticipate the changes induced by a creation/modification/deletion in role assignment rules. Assignment rules can sometimes give to users an entitlement that they had already received manually. diff --git a/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md b/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md index 92ac7040fe..e43421be3d 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md @@ -19,15 +19,15 @@ decisions, based on several automation levels provided by Identity Manager: 1. Automation of the creation of the role model, i.e. both roles and navigation rules that represent entitlements in the managed systems, through - [ Create Roles in Bulk ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) + [Create Roles in Bulk](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) based on resources' naming conventions in the managed systems. 2. Automation of entitlement assignment through assignment rules, which use identity criteria (called dimensions, like identities' department or work location, etc.) to decide what entitlements to assign automatically to identities. See the - [ Conforming Assignments ](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md) + [Conforming Assignments](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md) topic for additional information. 3. Automation of the creation of said assignment rules through - [ Perform Role Mining ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md), based on existing data analysis. + [Perform Role Mining](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md), based on existing data analysis. ![Automation Concept](/img/product_docs/identitymanager/saas/user-guide/optimize/assignment-automation/automation_schema.webp) @@ -52,11 +52,11 @@ assignment poses the following risks: - Delay can happen: on the day a worker joins an organization, they rely on a manual action to get all the entitlements required for them to start working. Even with roles aiming to help managers to understand actual entitlements, delay happens. See - the[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic + the[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information.Errors can happen: human mistakes are expected in role distribution, even though largely mitigated by the role review process and - [ Perform Access Certification ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md). See the - [ Reconcile a Role ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) + [Perform Access Certification](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md). See the + [Reconcile a Role](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) topic for additional information. - It is time-consuming. @@ -139,14 +139,14 @@ At this point, integrators should have all the elements they need to operate. | ----------------------- | ---------------------------- | | Role Catalog (required) | Ideally automated role model | -See the[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) +See the[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Automate Entitlement Assignment The process of assignment automation is the following: -1. [ Perform Role Mining ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) to approach the automation wall. +1. [Perform Role Mining](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) to approach the automation wall. Role Mining covers more use cases than writing assignment rules manually. It diminishes the error rate and implies a lower execution cost. And thus, it brings the optimal cost closer to @@ -170,7 +170,7 @@ The process of assignment automation is the following: the error rate allows Identity Manager to "ignore" one of the departments in the organization, and optimize automation. -2. [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md)and analyze them with tools like Power +2. [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md)and analyze them with tools like Power BI to assess the automation wall and identify improvement areas. > For example in the following Power BI chart, automation is, on average, highly implemented @@ -213,7 +213,7 @@ The process of assignment automation is the following: > in this direction to enhance automation. Moreover, focus must be directed on actual and correct entitlements, using Identity Manager's - [ Perform Access Certification ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md). + [Perform Access Certification](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md). Data reliability prevents integrators from easy extrapolation mistakes. diff --git a/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md b/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md index a9254f65cd..caec2ed28f 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md @@ -16,7 +16,7 @@ topic for additional information. Assignment rules can sometimes give to users an entitlement that they had already received manually. Hence, new assignment rules can imply redundancies between the entitlements assigned manually and approved, and those calculated by a rule and assigned automatically. See the -[ Automate Role Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) topic for additional +[Automate Role Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) topic for additional information. Netwrix recommends removing redundant assignments after any assignment rule is created or updated. @@ -84,9 +84,9 @@ application's users, entitlements and data model. | Role catalog (required) Role assignment rules (required) Role mining (optional) | Minimized derogation’s | See the -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md), -[ Automate Role Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md), and -[ Perform Role Mining ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) topics for additional information. +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md), +[Automate Role Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md), and +[Perform Role Mining](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) topics for additional information. ## Remove Redundant Assignments @@ -101,7 +101,10 @@ Remove redundant assignments by proceeding as follows: **Step 2 –** Click on **Analyze** to tag the manual roles and resource types from all policies eligible for conversion to an automatic state. -**NOTE:** Previous tags are cleared at each instance of this tagging process. +:::note +Previous tags are cleared at each instance of this tagging process. +::: + **Step 3 –** Click on **Download Excel** to download a dedicated XLSX report which contains one tab per entity type representing identities. diff --git a/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md b/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md index 7fe5b0aabc..cd67b34e3e 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Perform Role Mining How to use role mining to suggest role assignment rules based on existing assignments, in order to -push the [ Automate Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md) wall further. +push the [Automate Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md) wall further. ## Overview @@ -17,7 +17,7 @@ roles to users according to their attributes which are used as assignment criter > For example, in the AD, entitlements are given through group membership. Integrators create a > navigation rule to assign each group to the users who have the corresponding single role. Then, > the -> [ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +> [Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) > is able to assign single roles to users according to their existing group membership. > > In addition to group membership, the assignment of an entitlement to users could also depend on @@ -42,15 +42,15 @@ assignment rules. Role mining being a statistic tool based on existing entitlement assignments, it appears useless if the role model contains fewer than 2,000 role assignments. Then, start by reinforcing the Role Catalog. See -the[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) +the[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ### Technical Principles Role mining works through -[ Mining Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) +[Mining Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) that Identity Manager applies with the -[ Get Role Mining Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md). +[Get Role Mining Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md). ### Entitlement differentiation with rule types @@ -94,7 +94,7 @@ At this point, integrators should have all the elements they need to operate. | ----------------------- | ----------------- | | Role Catalog (required) | Single role rules | -See the[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) +See the[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Create a Mining Rule @@ -119,7 +119,7 @@ Create a mining rule by proceeding as follows: the mining rule is applied, i.e. the entity type targeted by role mining's entitlement analysis. - `Category`: - [ Create a Category ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) + [Create a Category](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) containing the roles targeted by role mining's analysis. - `Include roles with specific validations`: includes in role mining's analysis the roles requiring zero and/or one and/or two and/or three validations. @@ -162,7 +162,7 @@ Create a mining rule by proceeding as follows: 3. Click on **Create** and see a line added on the rules page. 4. Click on **Simulate** to perfom role mining in a simulation. See - the[ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. + the[Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. ![Role Mining Jobs](/img/product_docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/rolemining_launchjob_v602.webp) diff --git a/docs/identitymanager/6.2/user-guide/optimize/composite-role-creation/index.md b/docs/identitymanager/6.2/user-guide/optimize/composite-role-creation/index.md index 50d0a411ea..fa79dab156 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/composite-role-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/composite-role-creation/index.md @@ -7,8 +7,8 @@ sidebar_position: 70 # Create a Composite Role How to define composite roles in order to create sets of single roles easy to assign. See the -[ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) -and [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md)topics +[Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) +and [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md)topics for additional information. ## Overview @@ -16,7 +16,7 @@ for additional information. A composite role is a set of single roles that are usually assigned together, because they revolve around the same application, or the same job, etc. Composite roles are aggregates of single roles, they can help organize the role catalog. See the -[ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) +[Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) topic for additional information. ![Schema](/img/product_docs/identitymanager/saas/user-guide/optimize/composite-role-creation/compositeroles_applicativeroles.webp) @@ -28,7 +28,7 @@ user to perform a task, a composite role allows them to perform a job. ### Composite roles and Role Mining Composite roles can also be created based on the rules provided by Role Mining. Rules link roles to -dimensions. See the [ Perform Role Mining ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) topic for +dimensions. See the [Perform Role Mining](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) topic for additional information. The following example shows single roles from A to F. Role Mining suggested the rules on the schema, @@ -43,7 +43,7 @@ abstraction layer. Single role rules link composite roles to single roles: a single role rule states that specific single roles are assigned according to specific criteria, particularly composite roles. See the [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) -and [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md)topics +and [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md)topics for additional information. Thus, a composite role assignment can imply specific single role assignments. @@ -56,7 +56,7 @@ application's users, entitlements and data model. | ----------------------- | --------------- | | Role catalog (required) | Composite roles | -See the [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) +See the [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Create a Composite Role @@ -116,7 +116,7 @@ that. Simulations are available in order to anticipate the changes induced by a creation/modification/deletion in roles and single role rules. See the -[ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md)topic for additional information. +[Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md)topic for additional information. ## Verify Composite Role Creation @@ -132,4 +132,4 @@ parameters. ![Access Composite Roles](/img/product_docs/identitymanager/saas/user-guide/optimize/composite-role-creation/compositeroles_testroles_v602.webp) For rules, follow the instructions about assignment rules. See the -[ Automate Role Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) +[Automate Role Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) diff --git a/docs/identitymanager/6.2/user-guide/optimize/hr-connector-creation/index.md b/docs/identitymanager/6.2/user-guide/optimize/hr-connector-creation/index.md index 424f6d849b..73805ac43d 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/hr-connector-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/hr-connector-creation/index.md @@ -8,7 +8,7 @@ sidebar_position: 20 How to create a connector dedicated to the automation of identity management (creation, update, deletion), via the synchronization of HR data into Identity Manager and internal provisioning. See -the[ Connect to a Managed System ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md)provisioning. +the[Connect to a Managed System](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md)provisioning. ## Overview @@ -34,7 +34,7 @@ as contractor data, or the projects employees are working on. This can mean that most of the time. Hence we choose to build the first iteration of the project upon a manual data upload to -[ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md). +[Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md). This way, we do not have to wait for the agent's implementation to create the first profiles and start connecting systems (AD, SAB, SAP, etc.). Thus value is created faster and we can focus on IGA @@ -68,7 +68,7 @@ This operation should be performed in cooperation with HR staff who can access H | ------------------------------- | ------------ | | Identity Repository. (required) | HR connector | -See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md)topic +See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md)topic for additional information. ## Create an HR Connector @@ -76,9 +76,9 @@ for additional information. Create an HR connector by proceeding as follows: 1. Outside Identity Manager, - [ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md)of your connector. + [Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md)of your connector. 2. Declare an HR connector using your local agent. See the - [ Create the Connector ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md) topic for + [Create the Connector](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md) topic for additional information. ![HR Connector Declaration](/img/product_docs/identitymanager/saas/user-guide/optimize/hr-connector-creation/hr_connectordeclaration_v602.webp) @@ -96,7 +96,7 @@ Create an HR connector by proceeding as follows: ![HR Entity Type - Navigation Properties](/img/product_docs/identitymanager/saas/user-guide/optimize/hr-connector-creation/hr_entitytypen_v602.webp) -5. Don't forget to reload and [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) to access +5. Don't forget to reload and [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) to access HR data within Identity Manager. ![Reload](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/entitytypecreation_reload_v522.webp) diff --git a/docs/identitymanager/6.2/user-guide/optimize/identity-datamodel-modification/index.md b/docs/identitymanager/6.2/user-guide/optimize/identity-datamodel-modification/index.md index fa4ddd2920..92c44570ca 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/identity-datamodel-modification/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/identity-datamodel-modification/index.md @@ -16,9 +16,9 @@ permissions, and only the information strictly required for this purpose. You already considered the data needed for identity management during: - The initial identities loading and the creation of the identity repository; See the - [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for + [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. -- [ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md)through connector +- [Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md)through connector modeling which is the analysis phase before connector creation; - [Create an Entity Type](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/index.md) which is the technical implementation of the connector model. @@ -33,7 +33,7 @@ This part is about integrating these changes in the existing data model. Identity Manager calls dimensions the attributes that assignment rules rely on. They are essential criteria that differentiate users in order to give them the appropriate roles. See the -[ Conforming Assignments ](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md) +[Conforming Assignments](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md) topic for additional information. ### Personal data security @@ -48,7 +48,7 @@ Integrators are able to perform an identity update if they master the new data m | ------------------------------------------------------------------------ | --------------------------- | | Initial identities loading (required) New identity data model (required) | Updated identity data model | -See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic +See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Add or Modify Properties @@ -116,8 +116,8 @@ In order to verify the process: If the system contains numerous organizations, it is also possible to list them with their managers through the Query module. See - the[ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. + the[Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. -- [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) with indicators, for example, on the +- [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) with indicators, for example, on the number of workers per type or per organization (through Identity Manager's predefined reports, the Query module or Power BI), to ensure that Identity Manager's content sticks to reality. diff --git a/docs/identitymanager/6.2/user-guide/optimize/index.md b/docs/identitymanager/6.2/user-guide/optimize/index.md index 6402b86e8e..3a5f272432 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/index.md @@ -6,16 +6,16 @@ sidebar_position: 40 # Optimize -- [ Modify the Identity Data Model ](/docs/identitymanager/6.2/user-guide/optimize/identity-datamodel-modification/index.md) +- [Modify the Identity Data Model](/docs/identitymanager/6.2/user-guide/optimize/identity-datamodel-modification/index.md) How to make data model properties evolve according to the organization's needs. -- [ Create an HR Connector ](/docs/identitymanager/6.2/user-guide/optimize/hr-connector-creation/index.md) +- [Create an HR Connector](/docs/identitymanager/6.2/user-guide/optimize/hr-connector-creation/index.md) How to create a connector dedicated to the automation of identity management (creation, update, deletion), via the synchronization of HR data into Identity Manager and internal provisioning. -- [ Manage Risks ](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md) +- [Manage Risks](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md) How to use the risk management module to identify entitlement assignments that pose a security risk, especially about segregation of duties and high privileges. @@ -28,15 +28,15 @@ sidebar_position: 40 How to automate the review of non-conforming assignments through automation rules. -- [ Automate Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md) +- [Automate Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/index.md) How to automate entitlement assignment. -- [ Automate Role Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) +- [Automate Role Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) How to manually build rules to automate the assignment of roles to identities. -- [ Perform Role Mining ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) +- [Perform Role Mining](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) How to use role mining to suggest role assignment rules based on existing assignments, in order to push the automation wall further. @@ -54,7 +54,7 @@ sidebar_position: 40 How to reduce the number of roles in the model by configuring roles with parameters. -- [ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) +- [Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) How to assess the impact of a modification on the role model, including the role catalog, role assignment rules and resource correlation rules, using a dedicated policy. diff --git a/docs/identitymanager/6.2/user-guide/optimize/non-conforming-assignment-review-automation/index.md b/docs/identitymanager/6.2/user-guide/optimize/non-conforming-assignment-review-automation/index.md index 204e21ed83..1226f1903b 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/non-conforming-assignment-review-automation/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/non-conforming-assignment-review-automation/index.md @@ -7,7 +7,7 @@ sidebar_position: 50 # Automate the Review of Non-conforming Assignments How to automate the review of non-conforming assignments through automation rules. See the -[ Review Non-conforming Assignments ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/index.md) +[Review Non-conforming Assignments](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/index.md) and [Automation Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md) topics for additional information. @@ -41,8 +41,8 @@ team's entitlements. | Mastered non-conforming assignment review (required) Categorized accounts (optional) | Automated assignment review | See the -[ Review Non-conforming Assignments ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/index.md) -and [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topics for additional +[Review Non-conforming Assignments](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/index.md) +and [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topics for additional information. ## Create an Automation Rule @@ -80,8 +80,11 @@ will be applied. - Workflow State — Workflow state of the assignments that need a decision. - Waiting Period — Time period since the last change in the assignments' workflow states. -_Remember,_ in a nutshell, this rule applies Decision to all assignments of Type (and matching all +:::tip +Remember, in a nutshell, this rule applies Decision to all assignments of Type (and matching all criteria), whose workflow state has been set to Workflow State for more than Waiting Period. +::: + ## Impact of Modifications diff --git a/docs/identitymanager/6.2/user-guide/optimize/parameterized-role/index.md b/docs/identitymanager/6.2/user-guide/optimize/parameterized-role/index.md index e40427d9f4..5c02b16da6 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/parameterized-role/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/parameterized-role/index.md @@ -12,7 +12,7 @@ How to reduce the number of roles in the model by configuring roles with paramet The assignment of a role to a user gives them an entitlement, usually a group membership, thanks to a navigation rule. See the -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ![Simple Role](/img/product_docs/identitymanager/saas/user-guide/optimize/parameterized-role/parameterizedroles_simplerole.webp) @@ -22,7 +22,7 @@ roles. For example, the SAP role can be given with slight differences according to the users' subsidiaries: -> ![Role Matrix](/img/product_docs/identitymanager/saas/user-guide/optimize/parameterized-role/parameterizedroles_numerousroles.webp) +**> ![Role Matrix](/img/product_docs/identitymanager/saas/user-guide/optimize/parameterized-role/parameterizedroles_numerousroles.webp)** In order to reduce the number of roles, we can configure roles with parameters by inserting a criterion in the navigation rules. Thus, instead of having as many roles as entitlements (left on @@ -46,7 +46,7 @@ types instead of entitlements. Configure a parametrized role by proceeding as follows: **Step 1 –** Create in XML a dimension corresponding to the parameter that will affect the role. See -the [ Dimension ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) +the [Dimension](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. For example, let's consider that we have many roles available on three different time slots: 8 hours @@ -74,10 +74,14 @@ Here we have three navigation rules, one for each distinct time slot (dimension ![Example - Rule](/img/product_docs/identitymanager/saas/user-guide/optimize/parameterized-role/parameterizedrole_examplerule_v603.webp) -**NOTE:** Make sure that the corresponding dimension is specified in the right `DisplayEntityType` +:::note +Make sure that the corresponding dimension is specified in the right `DisplayEntityType` in XML to be displayed in the UI. +::: -**NOTE:** It is important to note that for manually assigned roles, if a new dimension is added to + +:::note +It is important to note that for manually assigned roles, if a new dimension is added to the definition of the role, the assignment's dimension will not be re-calculated, and will therefore not be propagated to calculate automatic assignments. Example Scenario — Role A was created as a composite role with no parameters a long time ago. Role A @@ -89,6 +93,8 @@ not get the role B. Since the modification occurred after the assignment, it is role was assigned voluntarily with dimension X unset. However, if a user got role A assigned after the modification, and its dimension X was equal to value Y, then that user would get the role B. +::: + ![Example - Role Parameter Required](/img/product_docs/identitymanager/saas/user-guide/optimize/parameterized-role/parameterizedrole_exampleroleparameter_v603.webp) @@ -115,7 +121,7 @@ script in the command line. In order to verify the process, request manually the parametrized role for a test user. Some additional pop-ups are displayed to set a value for the role's parameter. See the -[ Request Entitlement Assignment ](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md) topic for +[Request Entitlement Assignment](/docs/identitymanager/6.2/user-guide/administrate/manual-assignment-request/index.md) topic for additional information. In our example: diff --git a/docs/identitymanager/6.2/user-guide/optimize/policy-creation/index.md b/docs/identitymanager/6.2/user-guide/optimize/policy-creation/index.md index 466cf9e388..51da786efe 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/policy-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/policy-creation/index.md @@ -15,8 +15,8 @@ for additional information. A policy is a subgroup of the role model. It defines an ensemble of roles and assignment rules that apply to specific identities. So policies are used to handle separately several sets of identities, based on dimensions with different permissions and workflows. See the -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) and -[ Conforming Assignments ](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md)topics +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) and +[Conforming Assignments](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md)topics for additional information. Integrators must minimize the number of policies because it segments identities, and segmentation @@ -26,8 +26,11 @@ means, for example, one policy for workers (meaning employees and contractors), partners, another one for clients. But sometimes partners are included in the same policy as workers, it depends on the organization. -**NOTE:** Netwrix Identity Manager (formerly Usercube) provides a default policy. Only when the +:::note +Netwrix Identity Manager (formerly Usercube) provides a default policy. Only when the project is mature enough should integrators think about creating additional policies. +::: + ## Participants and Artifacts @@ -37,7 +40,7 @@ Integrators must have the knowledge of the organization strategy towards identit | ------------------------ | ------ | | Resource type (optional) | Policy | -See the [ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) +See the [Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional information. ## Create a Policy @@ -88,8 +91,11 @@ The UI elements are identified as follows: - Always — The assignment's end date is always locked according to the applicable context rule - Dimensions — Criteria that, if met, trigger the membership of given identities to the policy -**NOTE:** What we call another IGA tool can be another application or even another version of +:::note +What we call another IGA tool can be another application or even another version of Identity Manager. +::: + **Step 4 –** Click on **Create**. diff --git a/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md b/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md index 06ed82e9b8..dafd731552 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md @@ -6,13 +6,13 @@ sidebar_position: 30 # Manage Risks -How to use the [ Risk Management ](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) module to +How to use the [Risk Management](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) module to identify entitlement assignments that pose a security risk, especially about segregation of duties and high privileges. ## Overview -A [ Risk ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) +A [Risk](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) describes a sensitive situation in which entitlement assignments need to be monitored for security purposes. Examples include: @@ -20,12 +20,12 @@ purposes. Examples include: the same identity. - High privilege: a particularly sensitive entitlement. -[ Risk Management ](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) is essential to auditing. +[Risk Management](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) is essential to auditing. Among other things, it allows auditors to: - Identify the identities representing the highest security risk. - Compute the corresponding risk score. -- Schedule and [ Perform Access Certification ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md) +- Schedule and [Perform Access Certification](/docs/identitymanager/6.2/user-guide/administrate/access-certification/index.md) accordingly. Using risks involves three steps: @@ -44,8 +44,8 @@ assess risks inherent to entitlements. | ------------------------------------------------------ | ------------- | | Identity repository (required) Role catalog (required) | Risks catalog | -See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) and -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topics for +See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) and +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topics for additional information. ## Create a Risk @@ -75,7 +75,7 @@ Create a risk by proceeding as follows: - `Remediation`: potential alternative solutions that will be displayed with the exemption policy message. - `Exemption Policy` See the - [ Risk Management ](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) topic for additional + [Risk Management](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) topic for additional information. - `Type` - `Level`: risk level that is used to compute risk scores. @@ -87,7 +87,7 @@ Create a risk by proceeding as follows: When risks are based on the exemption policy called **Approval required**, the corresponding role requests appear on the **Role Review** screen with a specific workflow state. See below this note. See the - [ Reconcile a Role ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) + [Reconcile a Role](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) topic for additional information. ![Risk Icon](/img/product_docs/identitymanager/saas/user-guide/optimize/risk-management/riskmanagement_workflowstate_v523.webp) @@ -110,7 +110,7 @@ Create a risk by proceeding as follows: > `DL-INTERNET-Restricted` as a value of the `memberOf` property. 4. Choose the resource type to be targetted by the risk. See the - [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. + [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. > We choose `AD User (administration)` to prevent this situation from happening in our example. @@ -120,7 +120,7 @@ Create a risk by proceeding as follows: 6. Choose a value for this navigation property. The value would be a resource from the unified resource repository. See the - [ Identity Management ](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md) topic + [Identity Management](/docs/identitymanager/6.2/introduction-guide/overview/identity-management/index.md) topic for additional information. > The group `DL-INTERNET-Restricted` in our example. @@ -169,7 +169,7 @@ be blocked. The deletion of a risk simply triggers the computation of risk scores during the next `Compute Risk Scores` task, and removes any exemption policy steps in an assignment request. See the -[ Risk Management ](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) topic for additional +[Risk Management](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) topic for additional information. ## Verify Risk Management @@ -179,6 +179,6 @@ the created risk, and check the consequences: - The message displayed at the end of the entitlement request must correspond to the configuration of the exemption policy. See the - [ Risk Management ](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) topic for additional + [Risk Management](/docs/identitymanager/6.2/integration-guide/governance/risks/index.md) topic for additional information. - Once the entitlement is assigned, a line must appear on the **Identified Risks** page. diff --git a/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md b/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md index b069f45211..53d9a55407 100644 --- a/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md +++ b/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md @@ -9,8 +9,8 @@ sidebar_position: 90 How to assess the impact of a modification on the role model, including the role catalog, role assignment rules and resource correlation rules, using a dedicated [Create a Policy](/docs/identitymanager/6.2/user-guide/optimize/policy-creation/index.md). See the -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md), -[ Automate Role Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md)[ Correlate Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md), +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md), +[Automate Role Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md)[Correlate Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md), and [Create a Policy](/docs/identitymanager/6.2/user-guide/optimize/policy-creation/index.md) topics for additional information. ## Overview @@ -22,21 +22,21 @@ involve: - Correlation rules and classification Rule; - Scalar rules and navigation rules; - Resource Type rules; -- [ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) +- [Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and - [ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md); + [Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md); - [Single Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) and [Composite Role Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md). -See the [ Correlate Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md) -[ Resource Classification Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md), +See the [Correlate Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md) +[Resource Classification Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md), and [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topics for additional information. A simulation can also be created by the -[ Perform Role Mining ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) for the automation of role +[Perform Role Mining](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/role-mining/index.md) for the automation of role assignments. Through simulation, integrators can: @@ -60,9 +60,9 @@ Integrators are able to perform simulation if they master the new role model. | -------------------------------------------------------------------------------------------- | ------------------ | | Role catalog (optional) Automate Role Assignments (optional) Categorize Resources (optional) | Updated role model | -See the [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md), -[ Automate Role Assignments ](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md), and -[ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topics for additional information. +See the [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md), +[Automate Role Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/automate-role-assignment/index.md), and +[Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topics for additional information. ## Launch a Simulation @@ -116,7 +116,7 @@ After all needed changes have been simulated, you can decide to apply or cancel Then, the simulation is no longer active. Clicking on **Apply** applies the simulated changes to the role model. You need to launch the -[ Compute Role Model Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) to observe the actual changes in users' entitlements. ## Impact of Modifications diff --git a/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md b/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md index 9346348d63..1ce526b42a 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md @@ -7,9 +7,9 @@ sidebar_position: 30 # Classify Resources How to define -[ Resource Classification Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) +[Resource Classification Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) in order to classify remaining uncorrelated resources, assigning them resource types. See the -[ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional information. +[Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional information. ## Overview @@ -17,7 +17,7 @@ in order to classify remaining uncorrelated resources, assigning them resource t Classification is the process of putting on an existing resource a label called resource type, to show its intent and/or purpose within the managed system. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Every resource type can be assigned a set of classification rules. @@ -103,7 +103,7 @@ application users, entitlements and data model. | Input | Output | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | -| [ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) (required) [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) (required) [ Correlate Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md) (recommended) | Classification rules | +| [Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) (required) [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) (required) [Correlate Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md) (recommended) | Classification rules | ## Create a Classification Rule @@ -160,7 +160,7 @@ screen) can have their classification questioned and re-computed. Simulations are available in order to anticipate the changes induced by a creation/modification/deletion in classification rules. See the -[ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. +[Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. Any modification in classification rules is taken into account via the classification job: on the connector dashboard and in the **Resource Types** frame, click on **Jobs** > **Classify Resource diff --git a/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md b/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md index 5a44679656..2a8d07ef86 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Correlate Resources How to define the -[ Resource Correlation Rule ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +[Resource Correlation Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) to match up resources across systems, usually accounts with their owner. ## Overview @@ -17,7 +17,7 @@ to match up resources across systems, usually accounts with their owner. Correlation is the process of establishing an ownership relationship between a source resource (usually an identity) and a target resource (usually an account). It is the basis of the link between an identity and their fine-grained entitlements. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Every resource type can be assigned a set of correlation rules. @@ -119,10 +119,10 @@ application users, entitlements and data model. | Input | Output | | -------------------------------------------------------------------------------------------------------------------------- | ----------------- | -| Identity repository ( (required) Resource types (required) [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) (required) | Correlation rules | +| Identity repository ( (required) Resource types (required) [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) (required) | Correlation rules | -See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) and -[ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) topics for additional information. +See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) and +[Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) topics for additional information. ## Create a Correlation Rule @@ -180,7 +180,7 @@ screen "blocks" correlation and classification "as is". Neither will be re-compu Simulations are available in order to anticipate the changes induced by a creation/modification/deletion in correlation rules. See the -[ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. +[Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. Any modification in correlation rules is taken into account via the following jobs: on the connector dashboard and in the **Resource Types** frame, click on **Jobs** > **Prepare Correlation Keys**, and diff --git a/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md b/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md index 3e23a20f75..603683ebf7 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md @@ -7,7 +7,7 @@ sidebar_position: 80 # Categorize Resources How to correlate managed systems' resources with identities, classifying resources into -[ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md). +[Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md). ## Overview @@ -47,7 +47,7 @@ rules, one for correlation, and the other for classification. **Classification** is a process that simply aims to assign a resource type to specific resources. A specific resource can only be assigned a single resource type. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. ![Classification Schema](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/categorization_classifschema.webp) @@ -56,7 +56,7 @@ Any resource that is unclassified will not be available for review. **Correlation** is a process that aims to establish an ownership relationship between two resources. In most cases, an identity resource that becomes the owner of an account resource. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. ![Correlation Schema](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/categorization_correlschema.webp) @@ -98,7 +98,7 @@ As stated previously, both classification and correlation work through sets of r Sometimes you may not know if your rules are always going to apply. Therefore, each rule expresses a certain level of confidence. Identity Manager will establish a priority order between rules based on the confidence rate, and will also act differently depending on whether the confidence rate is above -or below 100%. See the [ Correlate Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md) topic for additional +or below 100%. See the [Correlate Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md) topic for additional information. A resource type can have zero correlation rules, since accounts can be without owners. But a @@ -119,7 +119,7 @@ In the same way, Identity Manager will apply correlation rules before classifica Now that you have created resource types and their correlation/classification rules, you have created the first elements for your role model. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. The role model contains all the roles and rules which drive the entitlement assignment logic inside Identity Manager. @@ -137,25 +137,25 @@ application's users, entitlements and data model. | Input | Output | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------- | -| [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) (required) [ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) (required) [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) (required) | Categorized resources Correlated accounts Orphaned account list | +| [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) (required) [Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) (required) [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) (required) | Categorized resources Correlated accounts Orphaned account list | ## Categorize Resources Categorize resources by proceeding as follows: -1. Create at least one [ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md); -2. Create the appropriate [ Correlate Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md); -3. Create the appropriate [ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) for accounts that do not +1. Create at least one [Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md); +2. Create the appropriate [Correlate Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md); +3. Create the appropriate [Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) for accounts that do not have an owner. Netwrix Identity Manager (formerly Usercube) recommends creating/modifying/deleting correlation and -classification rules using [ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) in order to +classification rules using [Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) in order to previsualize changes. ## Next Steps Once accounts are categorized, integrators can start to -[ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md). +[Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md). Categorization also enables the [Review Orphaned and Unused Accounts](/docs/identitymanager/6.2/user-guide/administrate/orphan-unused-account-review/index.md). diff --git a/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md b/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md index cfedfe1ec3..437d591014 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md @@ -29,8 +29,8 @@ In practice, a specific resource type is created for a given resource when there - the owner type (for example worker, partner, customer, application, robot, etc.); - the required set of classification and/or correlation rules; See the - [ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md), and - [ Correlate Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md) topics for additional information. + [Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md), and + [Correlate Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md) topics for additional information. - the approval circuit for a resource's modification or assignment, i.e. the number of required approvals, validators, etc.; - the type of provisioning (manual or automatic). See the @@ -43,11 +43,11 @@ target objects chosen from among the properties of existing entity types. The so identities) is the owner of the target (usually resources from your managed systems, such as a nominative AD account). This relationship is the basis for correlation as much as for future provisioning. See the [Create an Entity Type](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/index.md), -[ Correlate Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md), +[Correlate Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md), and[Provision](/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md) topics for additional information. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. ## Participants and Artifacts @@ -60,8 +60,8 @@ application users, entitlements and data model. | Identity repository (optional) Target connector (required) Synchronized data (optional) | Resource type | See the -[ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md)[ Connect to a Managed System ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md), -and [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topics for additional information. +[Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md)[Connect to a Managed System](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md), +and [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) topics for additional information. ## Create a Resource Type @@ -151,7 +151,7 @@ Create a resource type by proceeding as follows: Reconciliation** screen. Can be activated only if `Allow Removal` is activated too. - `Require Provisioning Review`: forces an additional mandatory review of all provisioning orders for the resource type (on the - [ Review Provisioning ](/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md) + [Review Provisioning](/docs/identitymanager/6.2/user-guide/administrate/provisioning/provisioning-review/index.md) screen). > Consider AD accounts. While nominative accounts can be provisioned without specific diff --git a/docs/identitymanager/6.2/user-guide/set-up/configure-global-settings/index.md b/docs/identitymanager/6.2/user-guide/set-up/configure-global-settings/index.md index 6ae3c84c87..15fd69e622 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/configure-global-settings/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/configure-global-settings/index.md @@ -30,7 +30,7 @@ The customization includes the following: It presents the languages in which the application can be displayed. In the above example you have English-United States and French-France. -See the [ Languages ](/docs/identitymanager/6.2/integration-guide/toolkit/languages/index.md) topic for additional +See the [Languages](/docs/identitymanager/6.2/integration-guide/toolkit/languages/index.md) topic for additional information. ### Features diff --git a/docs/identitymanager/6.2/user-guide/set-up/configure-workflows/index.md b/docs/identitymanager/6.2/user-guide/set-up/configure-workflows/index.md index bff69b1b92..76c7f9cca1 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/configure-workflows/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/configure-workflows/index.md @@ -24,7 +24,7 @@ Usually, using one of these workflows means: 2. if needed, sending the request of user creation for review by a knowledgeable user. See how to -[ Update an Individual Identity ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md)in +[Update an Individual Identity](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/individual-update/index.md)in Identity Manager. ### User Creation Review @@ -59,7 +59,7 @@ process and homonym detection during users' onboarding. | ------------------------------ | ----------------------------- | | Identity repository (required) | Adjusted Onboarding Workflows | -See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for +See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Configure Onboarding Workflows diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md index a3aa97b397..e6b3d07af5 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md @@ -7,9 +7,9 @@ sidebar_position: 30 # Create a Connection How to create a -[ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +[Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) inside a -[ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) +[Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) and choose the appropriate package. ## Overview @@ -18,7 +18,7 @@ A connection is the information that allows to connect to a managed system, whic credentials and path. There is a minimum of one connection per connector. In many cases, there is one connection -to[ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md)and one connection for +to[Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md)and one connection for [Provision](/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md). A connection is associated with a package, representing the technology to use for the data transfer. @@ -32,8 +32,8 @@ purpose of the application. | ------------------------------------------------------- | ------------- | | Connector container(required) Connector model(required) | Connection(s) | -See the [ Create the Connector ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md) and -[ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) topics for additional information. +See the [Create the Connector](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md) and +[Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) topics for additional information. ## Create a Connection @@ -71,7 +71,7 @@ A package is chosen according to the following constraints: performed for real-time needs, while complete synchronizations, scheduled no more than once a day, will recover any changes that may have slipped through the cracks of the incremental synchronizations. See the - [ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) + [Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. - Do we need [Provision](/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md)? If so, should provisioning be @@ -142,7 +142,7 @@ In order to verify the process: ![Check Connection](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/connectioncreation_checkconnection_v602.webp) Some connectors have both incremental and complete setting modes. See the - [ Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md)topic for additional + [Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md)topic for additional information. They are relatively independent so they both need to be tested. 2. check that the connection appears in the **Connections** frame with the right options, and diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md index 5656df3540..a396fe2193 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Create the Connector How to declare the technical container of a -[ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md). +[Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md). ## Overview @@ -18,7 +18,7 @@ Keep in mind that a Identity Manager installation can have more than one agent. created with a specific agent in mind since the agent needs to physically connect to the managed system's data. Fortunately, you don't need to worry about that right now, since you are starting with the agent provided with Identity Manager's SaaS environment. See the -[ Architecture ](/docs/identitymanager/6.2/introduction-guide/architecture/index.md) topic for additional +[Architecture](/docs/identitymanager/6.2/introduction-guide/architecture/index.md) topic for additional information. ## Participants and Artifacts @@ -53,10 +53,10 @@ Create a connector container by proceeding as follows: Netwrix Identity Manager (formerly Usercube)recommends choosing the provided SaaS agent. - - `Complete Job`: [ Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) scheduled to + - `Complete Job`: [Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) scheduled to perform a set of tasks, including completesynchronization and/or provisioning for all the connectors, for which you selected the corresponding checkbox. - - `Incremental Job`: [ Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) scheduled + - `Incremental Job`: [Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) scheduled to perform frequently a set of tasks, including incrementalsynchronization and/or provisioning for all the connectors, for which you selected the corresponding checkbox. diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md index 57fc7ac8fa..54ecda9835 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md @@ -295,7 +295,7 @@ In further steps, you will be able to define one resource type per account type a role for assignment and provisioning. **Roles:** During -the[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md)step for this +the[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md)step for this connector you can build roles based on the group-membership system represented by users and profiles. Thus you will create navigation rules to represent the link between users and profiles. diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md index 461f5e0297..1f62226d25 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md @@ -26,8 +26,8 @@ in alphabetic order. Organize resources' datasheets by proceeding as follows: 1. Start by creating the entity type with its scalar properties and keys. See the - [ Define Scalar Properties ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) and - [ Select Primary Keys ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) topics for additional information. + [Define Scalar Properties](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) and + [Select Primary Keys](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) topics for additional information. 2. Ensure that the created properties are saved by clicking on **Save & Close** > **Save** at the top right corner. 3. On the entity type's definition page, click on the **Display** tab. @@ -61,7 +61,7 @@ Organize resources' datasheets by proceeding as follows: 6. Click on **Save & Close**. Changes in display groups won't take effect until the next - [ Update Entity Property Expressions Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) + [Update Entity Property Expressions Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) runs. ## Reload diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md index 626c5c9c36..3b3e62de23 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md @@ -7,7 +7,7 @@ sidebar_position: 50 # Set Resources' Display Names How to change the value of the display name for resources of an -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). ## Overview @@ -26,8 +26,8 @@ first scalar property after alphabetizing all the properties whose name contains Set the resource's display name by proceeding as follows: 1. Start by creating the entity type with its calar properties and keys. See the - [ Define Scalar Properties ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) and - [ Select Primary Keys ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) topics for additional information. + [Define Scalar Properties](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) and + [Select Primary Keys](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) topics for additional information. 2. Ensure that the created properties are saved by clicking on **Save & Close** > **Save** at the top right corner. 3. On the entity type's definition page, click on the **Settings** tab. @@ -54,9 +54,9 @@ Set the resource's display name by proceeding as follows: 5. Click on **Save & Close**. Changes inside connectors won't take effect until the next - [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md). More specifically, changes in display + [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md). More specifically, changes in display names won't take effect until the next - [ Update Entity Property Expressions Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) + [Update Entity Property Expressions Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) runs. ## Reload diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md index 055cecd953..fa75ccc0c6 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md @@ -7,12 +7,12 @@ sidebar_position: 10 # Create the Entity Type How to create the technical container of an -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). ## Overview Here, you will learn how to create an -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md): +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md): the shell that harbors the (scalar and navigation) properties which describe a given set of resources related to one managed system. @@ -58,7 +58,7 @@ Create the entity type by proceeding as follows: ## Next Steps -To continue,[ Define Scalar Properties ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)for this entity +To continue,[Define Scalar Properties](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)for this entity type. ## Troubleshooting diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/index.md index 601343be55..194e7b6782 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/index.md @@ -7,26 +7,26 @@ sidebar_position: 40 # Create an Entity Type How to create an -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that corresponds to the connector model. ## Overview An entity type is a model of a managed system's data. It defines the shape of the associated resources (instances of said model) and not the intent (that would be a resource type. See the -[ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) topic for +[Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional information. It defines a set of properties describing said resources and linking them together. In other words, an entity type is supposed to model the representation of a certain group of resources inside Identity Manager. It is a relational model, made of properties -([ Define Scalar Properties ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)) and links between entity types -([ Define Navigation Properties ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md)), both described later. +([Define Scalar Properties](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)) and links between entity types +([Define Navigation Properties](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md)), both described later. ![Entity Type - Schema](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entitytypecreation_schema.webp) The configuration of entity types depends entirely on the previously established -by[ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md). +by[Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md). Entity types will impact the import of the managed system's resources, and the way said resources are displayed in the UI. @@ -38,23 +38,23 @@ purpose of the application. | Input | Output | | --------------------------------------------------------------------------------------------------------------------------------- | ----------- | -| Connection (required) Refreshed schemas (required) Connector's data [ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) (required) | Entity type | +| Connection (required) Refreshed schemas (required) Connector's data [Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) (required) | Entity type | See the [Create a Connection](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connection-creation/index.md) and -[ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) topics for additional information. +[Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) topics for additional information. ## Create an Entity Type Create an entity type by proceeding as follows: -1. [ Create the Entity Type ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md). -2. [ Define Scalar Properties ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)to be used in the entity type. -3. Choose the [ Select Primary Keys ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) and key properties which will identify +1. [Create the Entity Type](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md). +2. [Define Scalar Properties](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)to be used in the entity type. +3. Choose the [Select Primary Keys](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) and key properties which will identify resources. -4. Define [ Define Navigation Properties ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md)if applicable. -5. Customize the [ Set Resources' Display Names ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) for the entity +4. Define [Define Navigation Properties](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md)if applicable. +5. Customize the [Set Resources' Display Names](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) for the entity type's resources. -6. Organize the [ Organize Resources' Datasheets ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) for the entity +6. Organize the [Organize Resources' Datasheets](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) for the entity type's resources in Identity Manager. For some connectors, Identity Manager provides a template to automatically create a basic @@ -70,4 +70,4 @@ configuration. See below this note. Changes will take effect once you have launched synchronization. Therefore, in order to verify the process, follow the verification procedure indicated -to[ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md). +to[Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md). diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md index 593e780ddd..77c5e0ff8f 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md @@ -7,9 +7,9 @@ sidebar_position: 30 # Select Primary Keys How to choose its keys and an -[ Entity Type Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)key +[Entity Type Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)key in order to uniquely identify the -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s resources at different points in a resource's lifecycle. ## Overview @@ -66,7 +66,7 @@ by one, until a corresponding resource is found. ### Mapping key The mapping key is also chosen from among scalar properties, and serves to uniquely identify any -resource during the[ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md). It must be unique and +resource during the[Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md). It must be unique and immutable, i.e. must not change during the whole lifecycle of the resource. > A mapping key cannot be based on properties subject to change, such as the display name of any @@ -94,7 +94,7 @@ key is always part of your key properties. Create an entity type by proceeding as follows: 1. Start by defining the entity type's scalar properties. See the - [ Define Scalar Properties ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) topic for additional + [Define Scalar Properties](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) topic for additional information. ![Keys](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/entitytypecreation_keys_v522.webp) @@ -119,5 +119,5 @@ You can find the **Reload** button either on the green warning, or on the connec ## Next Steps After the entity type is created with its scalar properties and keys, you can -[ Define Navigation Properties ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md) and/or -[ Set Resources' Display Names ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md). +[Define Navigation Properties](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md) and/or +[Set Resources' Display Names](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md). diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md index f239246c43..d14194e3a3 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md @@ -68,7 +68,7 @@ If a property doesn’t exist in the source system, you can still create it usin property**. This is useful for storing internal-use data that the connected system can’t read or write. ---- +**---** ## Define the Entity Type's Navigation Properties @@ -126,7 +126,7 @@ Define navigation properties by following these steps: > `Entries`, `assistant`, `assistantOf`, `manager`, `directReports`, `memberOf`, `member`, > `parentdn`, `children` -> ![AD Entity Type - Navigation Properties](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/entitytypecreation_examplead3_v603.webp) +**> ![AD Entity Type - Navigation Properties](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/entitytypecreation_examplead3_v603.webp)** 5. Click the gear icon to access advanced settings: @@ -149,7 +149,7 @@ Define navigation properties by following these steps: Clicking **Continue** closes the window but **does not save** the configuration. ---- +**---** ## Reload @@ -161,7 +161,7 @@ It’s not necessary after every step—but is **required after the final step** The **Reload** button ensures updates appear in the menu links on the UI home page. You’ll find it either in the banner or on the connector dashboard. ---- +**---** ## Next Steps diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md index 4b12522431..91004b3778 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Define Scalar Properties How to define the simple, or scalar, properties of an -[ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s +[Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s resources. ## Overview @@ -42,7 +42,7 @@ any property from the AD, but will be recalculated based on the other properties Define the entity type's scalar properties by proceeding as follows: -1. Start by declaring the [ Create the Entity Type ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md). +1. Start by declaring the [Create the Entity Type](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md). 2. In the entity type's **Properties** section, click on **Map scalar properties** to display existing columns from the external source, and select the properties to be used in the entity type. @@ -69,7 +69,7 @@ Define the entity type's scalar properties by proceeding as follows: - `Format`: format used for the property's display in Identity Manager, for search tools and computation based on said property. Do not keep the default string format if the property is not a string. See the - [ References: Format for the EntityPropertyMapping ](/docs/identitymanager/6.2/integration-guide/connectors/entitypropertymapping-format/index.md) + [References: Format for the EntityPropertyMapping](/docs/identitymanager/6.2/integration-guide/connectors/entitypropertymapping-format/index.md) topic for additional information. > For example, dates, booleans, integers, etc. @@ -151,7 +151,7 @@ You can find the **Reload** button either on the green warning, or on the connec ## Next Steps -Before saving, you must first[ Select Primary Keys ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md)for the entity type. +Before saving, you must first[Select Primary Keys](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md)for the entity type. ## Troubleshooting diff --git a/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md b/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md index 8d9acd1d3b..e3e22caaa7 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md @@ -9,7 +9,7 @@ sidebar_position: 60 How to create a new [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) using the provided SaaS agent. See the -[ Architecture ](/docs/identitymanager/6.2/introduction-guide/architecture/index.md) topic for additional +[Architecture](/docs/identitymanager/6.2/introduction-guide/architecture/index.md) topic for additional information. Identity Manager provides demo applications @@ -62,7 +62,7 @@ provisioning. > For example, we can use the data from Identity Manager's Identity repository to fill in later the > AD's fields, such as users' display names based on their first names and last names from the -> repository. See the [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) +> repository. See the [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) > topic for additional information. Identity Manager can also benefit from inbound connectors, that will write data to Identity @@ -81,14 +81,14 @@ Identity Manager's connectors all operate on the same basic principles. Technica > We create a connector named `AD` (so far, an empty shell). - a - [ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) + [Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) is linked to an agent which acts as the go-between for Identity Manager's server and the managed system; > Our `AD` connector uses the provided SaaS agent. - a - [ Connection ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) + [Connection](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) describes the technology used that enables data to flow back and forth between Identity Manager and the managed system; @@ -101,7 +101,7 @@ Identity Manager's connectors all operate on the same basic principles. Technica SQL, etc.). - the shape of the extracted managed system's data is modeled by - [ Entity Type ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) + [Entity Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) (we will use the term resource to refer to an entity type that has been instantiated); > We create a single entity type `AD - Entry` which contains all the attributes that will @@ -110,8 +110,8 @@ Identity Manager's connectors all operate on the same basic principles. Technica > parent dn, etc. - the intent of resources within the managed system is made clear by categorizing resources into - [ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md). See the - [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. + [Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md). See the + [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. > We categorize AD resources into distinct resource types: `AD User (nominative)` for basic > accounts, which we want Identity Manager to provision automatically; @@ -139,7 +139,7 @@ functional and technical details of the application. | Administrator account for the Development Environment (required) Identity repository (required) User Profile (required) | Connector Connected System | See the [Install the Development Environment](/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md) -[ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md), and +[Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md), and [Configure a User Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topics for additional information. @@ -166,4 +166,4 @@ You can activate the connector again at any time using the same button. ## Next Steps Once the connector has been created, you can start -to[ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md). +to[Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md). diff --git a/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md b/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md index f6c9b3447f..8a12d362ce 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md @@ -41,4 +41,4 @@ configuration screens. ## Next Steps Once the development environment is ready, integrators can start to -[ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md). +[Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md). diff --git a/docs/identitymanager/6.2/user-guide/set-up/index.md b/docs/identitymanager/6.2/user-guide/set-up/index.md index 936643e33b..4789f7c6a8 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/index.md @@ -6,16 +6,16 @@ sidebar_position: 20 # Set Up -- [ Install the Development Environment ](/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md) +- [Install the Development Environment](/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md) How to connect to Identity Manager's SaaS environment to set up the development environment. -- [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) +- [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) How to initiate the repository for workforce identities by loading identities into Identity Manager with the right attributes. -- [ Configure Unique Property Generation ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md) +- [Configure Unique Property Generation](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md) How to configure Identity Manager to generate unique identifiers, mails and logins for any user who does not have them already. @@ -29,29 +29,29 @@ sidebar_position: 20 Description of the MS Excel template for the creation of the identities repository. -- [ Adjust the Workforce Data Model ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md) +- [Adjust the Workforce Data Model](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md) How to select the properties to be part of the data model for the workforce repository (therefore displayed in the UI), and choose their optimal displaying mode. -- [ Configure a User Profile ](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) +- [Configure a User Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) How to tweak the permissions for actions within Identity Manager, for a standard set of basic Identity Manager profiles. -- [ Configure Onboarding Workflows ](/docs/identitymanager/6.2/user-guide/set-up/configure-workflows/index.md) +- [Configure Onboarding Workflows](/docs/identitymanager/6.2/user-guide/set-up/configure-workflows/index.md) How to adjust the parameters of onboarding workflows. -- [ Connect to a Managed System ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) +- [Connect to a Managed System](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) How to create a new connector using the provided SaaS agent. -- [ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) +- [Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) How to choose the appropriate model for a connector's data. -- [ Create the Connector ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md) +- [Create the Connector](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-declaration/index.md) How to create the technical container of a connector. @@ -63,37 +63,37 @@ sidebar_position: 20 How to create an entity type that corresponds to the connector model. -- [ Synchronize Data ](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) +- [Synchronize Data](/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md) How to launch data synchronization, i.e. read managed systems' data and load it into Identity Manager. -- [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) +- [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) How to correlate managed systems' resources with identities, classifying resources into resource types. -- [ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) +- [Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) How to create the container for future correlation and classification rules inside a given managed system. -- [ Correlate Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md) +- [Correlate Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/correlation/index.md) How to define correlation rules to match up resources across systems, usually accounts with their owner. -- [ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) +- [Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) How to define classification rules in order to classify remaining uncorrelated resources, assigning them resource types. -- [ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) +- [Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) How to define scalar rules, navigation rules and/or query rules to compute and provision target resources values from source resources values. -- [ Create Resources ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md) +- [Create Resources](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md) How to define resource type rules to create new (target) resources for given users, computing and provisioning their properties based on source resources. @@ -103,22 +103,22 @@ sidebar_position: 20 How to define scalar rules to compute and provision the values of scalar properties for target resources based on source resources. -- [ Compute a Navigation Property ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) +- [Compute a Navigation Property](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) How to define navigation rules and/or query rules to compute and provision the values of navigation properties for target resources based on source resources. -- [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) +- [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) How to define single roles to model entitlements, and organize them inside the role catalog, basis of the role model. -- [ Create Roles in Bulk ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) +- [Create Roles in Bulk](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) How to create role naming rules, which create single roles using existing naming conventions from the managed system. -- [ Create a Category ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) +- [Create a Category](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) How to structure roles into categories. @@ -130,6 +130,6 @@ sidebar_position: 20 How to assign Identity Manager's access permissions to users through profiles. -- [ Manage Role Officers ](/docs/identitymanager/6.2/user-guide/set-up/role-officer-management/index.md) +- [Manage Role Officers](/docs/identitymanager/6.2/user-guide/set-up/role-officer-management/index.md) How to manage role officers in order to ensure the approval for entitlement assignments. diff --git a/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md b/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md index de83b27250..799956ac55 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md @@ -38,7 +38,7 @@ Integrators may need the help of the HR department who know the organization. | ------------------------------------------------------------------------ | ----------------------------- | | IdentityManagerServer (required) Initial workforce repository (required) | Adjusted workforce repository | -See the [ Install the Development Environment ](/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md) +See the [Install the Development Environment](/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md) and [Load Identities to Identity Manager](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/load-identities/index.md) topics for additional information. @@ -79,7 +79,7 @@ Adjust the data model by proceeding as follows: For example the contract's start date is necessary for Identity Manager's workflows. Modifications can be performed later, decisions can be reconsidered. See the - [ Modify the Identity Data Model ](/docs/identitymanager/6.2/user-guide/optimize/identity-datamodel-modification/index.md) + [Modify the Identity Data Model](/docs/identitymanager/6.2/user-guide/optimize/identity-datamodel-modification/index.md) topic for additional information. 4. Click on the Save icon at the top. diff --git a/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md b/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md index e655433333..e3a527d3ed 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md @@ -39,7 +39,7 @@ organization to compute these unique properties. | -------------------------------- | -------------------------------------- | | IdentityManagerServer (required) | Generation rules for unique properties | -See the [ Install the Development Environment ](/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md) +See the [Install the Development Environment](/docs/identitymanager/6.2/user-guide/set-up/development-environment-installation/index.md) topic for additional information. ## Configure Unique Property Generation diff --git a/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md b/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md index 9a89039ba7..7d51890e6a 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md @@ -27,7 +27,7 @@ Each identity will be represented by a set of properties that are to be used in > ![Identity Example](/img/product_docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/identityrepository-person_v602.webp) See the -[ Identity Repository ](/docs/identitymanager/6.2/integration-guide/identity-management/identity-repository/index.md) +[Identity Repository](/docs/identitymanager/6.2/integration-guide/identity-management/identity-repository/index.md) topic for additional information. The initial workforce repository is going to be the first version of a comprehensive repository diff --git a/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/load-identities/index.md b/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/load-identities/index.md index a6b70e2cf5..2d65971934 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/load-identities/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/load-identities/index.md @@ -141,7 +141,7 @@ Load identities for the first time by proceeding as follows: 1. Upload the `Directory.xlsx` file with only recommended data, validate and synchronize as explained on this page. 2. Connect the AD, synchronize AD data, update correlation and classification. See the - [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. + [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. 3. Follow the usual query procedure to request phone numbers from the AD. 4. Ensure you display a key (for example `EmployeeId` or `email`) to master the order of the displayed data. diff --git a/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/template-description/index.md b/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/template-description/index.md index 6c0680145d..9b38e3dbe4 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/template-description/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/template-description/index.md @@ -14,7 +14,7 @@ Description of the MS Excel template for the creation of the identities reposito All tabs contain a column `Command` only used at a later stage to modify (massively) identity data. See the -[ Update Identities in Bulk ](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md) +[Update Identities in Bulk](/docs/identitymanager/6.2/user-guide/maintain/identity-data-modification/mass-update/index.md) topic for additional information. ## User - Required @@ -48,7 +48,7 @@ Thus, the `UserRecord` tab usually holds users' information that might change ov | Attribute | Type | Description | | ---------------------------------------------------------------------------------------- | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| RecordIdentifier (recommended) | String | Identifier of the Records. See the[ Position Change via Records ](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md). **Note:** it can be the same as `PositionIdentifier` when users can have no more than one contract simultaneously. **Note:** required when using records. | +| RecordIdentifier (recommended) | String | Identifier of the Records. See the[Position Change via Records](/docs/identitymanager/6.2/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md). **Note:** it can be the same as `PositionIdentifier` when users can have no more than one contract simultaneously. **Note:** required when using records. | | User (required) | ForeignKey | `Identifier` from the `User` tab. | | EmployeeId (recommended) | String | | | Gender (optional) | ForeignKey | `Identifier` from the `Gender` tab. | diff --git a/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md b/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md index 8d6a43170a..285a1ac877 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md @@ -13,7 +13,7 @@ topic for additional information. ## Overview -[ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) led to the grouping of resources into resource +[Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) led to the grouping of resources into resource types (classification), and the establishment of source-to-target relationships between these resources (correlation). @@ -38,7 +38,7 @@ resources (identities). In testing mode, the impacted resource types can be configured to block provisioning, by adding a mandatory review before actually writing to the managed system. See the -[ Create a Resource Type ](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional +[Create a Resource Type](/docs/identitymanager/6.2/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional information. ## Participants and Artifacts @@ -50,19 +50,19 @@ application users, entitlements and data model. | ------------------------- | ----------------------------------------- | | Categorization (required) | Scalar rules Navigation rules Query rules | -See the [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. +See the [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. ## Create Provisioning Rules -- [ Create Resources ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md)type rules to automatically create resources. +- [Create Resources](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md)type rules to automatically create resources. - [Compute a Scalar Property](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md) to compute scalar properties; - Create navigation and/or query rules to compute navigation properties. Netwrix Identity Manager (formerly Usercube) recommends creating/modifying/deleting provisioning rules using simulations in order to anticipate changes. See the -[ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. +[Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. ## Next Steps Once provisioning rules are created, integrators can start -to[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md). +to[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md). diff --git a/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md b/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md index 59708d2055..b2749ca132 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md @@ -17,7 +17,7 @@ Sources are usually identities, and targets are usually accounts from the manage Here, we are going to compute the values of navigation properties for the target resources used in entitlement management, based on source resources. See -the[ Define Navigation Properties ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md) +the[Define Navigation Properties](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md) topic for additional information. We are going to provision these properties, i.e. write them to the managed system. See the [Provision](/docs/identitymanager/6.2/user-guide/administrate/provisioning/index.md) topic for additional information. @@ -67,16 +67,16 @@ entity type itself). Let's call this entity type the "other" one. The application of a navigation rule can depend on the assignment of a single role, and/or user dimensions. See -the[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for +the[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information on the assignment of a single role and -[ Conforming Assignments ](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md) +[Conforming Assignments](/docs/identitymanager/6.2/integration-guide/role-assignment/conformingassignmentcomputation/index.md) topic for additional information on dimensions. A query rule does not use criteria as it is designed to compute a given navigation property for all existing resources in a given resource type. However, in case of several query rules on a same property, the application of a query rule depends on its confidence rate and the corresponding priority it receives compared to other query rules. See the -[ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topic for additional +[Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topic for additional information. While both navigation and query rules compute navigation properties, the value of one navigation @@ -102,14 +102,17 @@ accounts. A navigation rule will trigger the creation of a target resource for all impacted source resources (so all users), which are not yet correlated with a resource of this resource type. -**NOTE:** A query rule does not create resources, and only computes the navigation properties of +:::note +A query rule does not create resources, and only computes the navigation properties of existing resources. +::: + ## Guidelines Follow these guidelines when configuring navigation properties. -Expression code must not contain too much data +**Expression code must not contain too much data** Once configured, a rule is a complicated object to modify. Therefore, you must keep business data in the resource and out of the expression. It is easier to change data than to change a rule. @@ -127,7 +130,7 @@ the resource and out of the expression. It is easier to change data than to chan > expression remains simple by using the new objects, for example > `Email = FirstName + "." + LastName + "@" + Company + "." + DomainName`. -Priority between navigation/query rules +**Priority between navigation/query rules** When creating navigation and query priorities, follow these rules: @@ -141,7 +144,7 @@ When creating navigation and query priorities, follow these rules: For a given managed system, integrators may need the help of the application owner who knows the application users, entitlements and data model. See the -[ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. +[Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. | Input | Output | | ------------------------- | ---------------------------- | @@ -229,7 +232,7 @@ Once the `Resource Type` is provided, more fields appear. example, account activation and deactivation can be managed according to the start and/or end dates. - `Confidence Rate`: rate expressing the confidence in this link, and its priority order. See - the[ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topic for additional + the[Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topic for additional information. > Our examples would look like: @@ -260,7 +263,7 @@ system. Simulations are available in order to anticipate the changes induced by a creation/modification/deletion in navigation and query rules. See the -[ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. +[Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. ## Verify Rule Creation @@ -283,7 +286,7 @@ the **Role Reconciliation** screen) to help check query rules: if there are nume be reconciled following the same pattern, then there may be a rule that needs to be changed. See -the[ Review an Unauthorized Account ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md) +the[Review an Unauthorized Account](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md) and -the[ Reconcile a Role ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) +the[Reconcile a Role](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) topics for additional information. diff --git a/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md b/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md index 824d950277..22408b2217 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md @@ -36,7 +36,7 @@ application users, entitlements and data model. | ------------------------- | ------------------- | | Categorization (required) | Resource type rules | -See the [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. +See the [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. ## Create a Resource Type Rule @@ -122,5 +122,5 @@ Then, you can: If the type rule uses a single role as a criterion, and the user has said role, then both the resource type and the role will be displayed in the user's permissions, but only if the role is - related to a [ Compute a Navigation Property ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md). + related to a [Compute a Navigation Property](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md). Otherwise, only the resource type will be visible. diff --git a/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md b/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md index 8543035820..522d9afcc9 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md @@ -34,7 +34,7 @@ owner's name with the expression: return person.LastName + " " + person.FirstName; The application of a scalar rule can depend on the assignment of a single role. See the -[ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for +[Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. Sometimes we create in Identity Manager properties which are not directly linked to any real @@ -60,7 +60,7 @@ properties of existing resources. ## Guidelines -Expression code must not contain too much data +**Expression code must not contain too much data** Once configured, a rule is a complicated object to modify. Therefore, you must keep business data in the resource and out of the expression. It is easier to change data than to change a rule. @@ -78,7 +78,7 @@ then a new field is added in the data model for Site and Domain Name. Thus, the remains simple by using the new objects, for example `Email = FirstName + "." + LastName + "@" + Company + "." + DomainName`. -Priority between scalar rules +**Priority between scalar rules** A scalar rule with a role as a criterion has a higher priority than a rule without a role criterion. @@ -104,7 +104,7 @@ application users, entitlements and data model. | ------------------------- | ------------ | | Categorization (required) | Scalar rules | -See the [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. +See the [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. ## Create a Scalar Rule @@ -190,7 +190,7 @@ system. Simulations are available in order to anticipate the changes induced by a creation/modification/deletion in scalar rules. See the -[ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. +[Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) topic for additional information. ## Verify Rule Creation @@ -204,7 +204,7 @@ on **Jobs** > **Compute Role Model** to apply all rules. **Step 2 –** Review unreconciled properties on the **Resource Reconciliation** screen to help check scalar rules: if there are numerous properties to be reconciled following the same pattern, then there may be a rule that needs to be changed. See the -[ Reconcile a Property ](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) +[Reconcile a Property](/docs/identitymanager/6.2/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. Once the steps completed the process is verified. diff --git a/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md b/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md index e09e15afe6..f77b5bfe9a 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Create a Category How to structure roles into categories. See the -[ Category ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) +[Category](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) topic for additional information. ## Overview @@ -37,7 +37,7 @@ application's users, entitlements and data model. | ----------------------- | ---------- | | Role Catalog (optional) | Categories | -See the [ Create Roles in the Role Catalog ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. +See the [Create Roles in the Role Catalog](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Create a Category diff --git a/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md b/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md index 01168b8645..2bad7f1636 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/index.md @@ -7,9 +7,9 @@ sidebar_position: 100 # Create Roles in the Role Catalog How to define -[ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) +[Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) to model entitlements, and organize them in the role catalog, basis of the role model. See the -[ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. The creation of the role catalog is a time-consuming part, with an important workload concerning the @@ -19,7 +19,7 @@ the useful permissions within managed applications. ## Overview The aim here is to establish and create the exhaustive list of -[ Role Model ](/docs/identitymanager/6.2/integration-guide/role-model/index.md) needed by the organization. Roles are +[Role Model](/docs/identitymanager/6.2/integration-guide/role-model/index.md) needed by the organization. Roles are a way to represent entitlements which are assigned to identities, so that said identities are able to work with the managed systems. @@ -42,7 +42,7 @@ connector modeling. Identity Manager's roles are all built the same way. Technically speaking: - a role is part of a policy which is a subgroup of the role model. See the - [ Entitlement Management ](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) + [Entitlement Management](/docs/identitymanager/6.2/introduction-guide/overview/entitlement-management/index.md) topic for additional information. > Let's take the example of the unlimited Internet access, part of the default policy. @@ -60,7 +60,7 @@ Identity Manager's roles are all built the same way. Technically speaking: requirements. Then single roles can be grouped together through - [ Composite Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) + [Composite Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) for applicative purposes, allowing users to be assigned several entitlements simultaneously. Leave composite roles for later, when the system runs as is and would benefit from an additional layer in the role model. @@ -77,7 +77,7 @@ Identity Manager's roles are all built the same way. Technically speaking: - to be effective, roles must be linked to actual entitlements in the managed systems. Technically speaking, this means that for each entitlement that you want to assign through a given role, you must create a navigation rule to build said link. A navigation rule is specific to one resource - type. See the [ Categorize Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional + type. See the [Categorize Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/index.md) topic for additional information. ![Schema - Single Role with Navigation Rule](/img/product_docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/singlerolescatalog_schemarolerule.webp) @@ -105,7 +105,7 @@ Functionally speaking, the main benefit of roles is to give entitlements user-fr understandable by managers. And to be understandable, roles must be structured. The strategy for role creation and structuring varies according to the -[ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) established for a given system. +[Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) established for a given system. Here, we will take as example the common use-case that organizes and categorizes roles by application. Then, the strategy varies whether the system hosts a single application (like SAB or SAP) or several (like the AD or LDAP). @@ -115,7 +115,7 @@ Thus, no matter the kind of system that you are working with, if the system uses conventions, then you should start by creating some. They will be the basis for role structure in Identity Manager, and will really simplify role creation. -One system for one application +**One system for one application** A common and intuitive case is when a system is simply one application. Then, integrators can create one role per entitlement in said application, and one category for the application. @@ -182,7 +182,7 @@ Roles can also be created bottom-up via role naming rules. Instead of the previo use the name of said entitlement in your managed system to create automatically the corresponding single role and rule (and category if it does not already exist). In other words, Identity Manager's naming rules are to be based on your existing naming conventions for entitlements. See the -[ Create Roles in Bulk ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) topic for additional information. +[Create Roles in Bulk](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) topic for additional information. ![Schema - Role Creation Top-Down](/img/product_docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/singlerolescatalog_schemabottomup.webp) @@ -202,23 +202,23 @@ application's users, entitlements and data model. | Input | Output | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------- | -| Connector's data [ Model the Data ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) (required) [ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) (required) [ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) (required) | Single role catalog | +| Connector's data [Model the Data](/docs/identitymanager/6.2/user-guide/set-up/connect-system/connector-modeling/index.md) (required) [Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) (required) [Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) (required) | Single role catalog | ## Create the Single Role Catalog Create the single role catalog by proceeding as follows: 1. Create as many single roles as possible (with their navigation rules and categories) via the - [ Create Roles in Bulk ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) naming rules. + [Create Roles in Bulk](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) naming rules. 2. Complete the role catalog if needed by creating manually additional - [ Create a Category ](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) and single roles with their navigation rules. + [Create a Category](/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) and single roles with their navigation rules. 3. Add [Create a Composite Role](/docs/identitymanager/6.2/user-guide/optimize/composite-role-creation/index.md) to the single role catalog only if the project is mature enough. Composite roles are more complex than single roles and they are not mandatory. ## Impact of Modifications -[ Perform a Simulation ](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) are available in order to anticipate +[Perform a Simulation](/docs/identitymanager/6.2/user-guide/optimize/simulation/index.md) are available in order to anticipate the changes induced by a creation/modification/deletion in roles and navigation rules. ## Next Steps @@ -226,4 +226,4 @@ the changes induced by a creation/modification/deletion in roles and navigation Once the role catalog is established, integrators can start role officer management. The role catalog is also a prerequisite for -[ Manage Risks ](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md)management. +[Manage Risks](/docs/identitymanager/6.2/user-guide/optimize/risk-management/index.md)management. diff --git a/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-manual-creation/index.md b/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-manual-creation/index.md index f0ed43b0d7..a127d2fe5b 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-manual-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-manual-creation/index.md @@ -12,7 +12,7 @@ How to create single roles manually. A single role is a way to represent an entitlement that is to be assigned to an identity. It brings a layer of abstraction through a user-friendly name, close to the business view. See the -[ Single Role ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) +[Single Role](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. To be effective, roles must be linked to actual entitlements in the managed systems. Within Identity @@ -23,12 +23,15 @@ information. Thus, each role is linked to one navigation rule per entitlement. S [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. -**NOTE:** For example, imagine that we want to grant unlimited Internet access to the administrator +:::note +For example, imagine that we want to grant unlimited Internet access to the administrator profile of an identity. This entitlement won't be assigned directly to the identity but to its AD administration account. In our Active Directory, there is a resource called `` identified from among AD entries as a group. So we need to add this group membership to the properties of the identity's AD account, using `` as a value of the **memberOf** property. +::: + ## Participants and Artifacts @@ -39,7 +42,7 @@ application's users, entitlements and data model. | ------------------------- | ------------ | | Classification (required) | Single roles | -See the[ Classify Resources ](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topic for additional +See the[Classify Resources](/docs/identitymanager/6.2/user-guide/set-up/categorization/classification/index.md) topic for additional information. ## Create a Single Role @@ -65,11 +68,14 @@ New** at the top right corner. - Description: Description of the role. - Tags: Label(s) that can later be used to filter the target roles of access certification campaigns. See the - [ Schedule a Certification Campaign ](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) + [Schedule a Certification Campaign](/docs/identitymanager/6.2/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) topic for additional information. - **NOTE:** Netwrix recommends using role tags when you want to perform an access certification on + :::note + Netwrix recommends using role tags when you want to perform an access certification on a set of roles that are from several categories. + ::: + - Category: Category which is to contain the created role. - Secondary Categories: Other potential categories which are to contain the created role. @@ -99,8 +105,11 @@ New** at the top right corner. - Maximum Duration: Duration (in minutes) after which the role will be automatically revoked, if no earlier end date is specified. - **NOTE:** The maximum duration impacts only the roles which are manually assigned after the + :::note + The maximum duration impacts only the roles which are manually assigned after the maximum duration is set. Pre-assigned roles are not impacted. + ::: + - If no duration is set on the role, the maximum duration of the associated policy is applied. - If the duration is set to 0 on the role, it prevents the associated policy from applying its @@ -110,8 +119,11 @@ New** at the top right corner. will be required to validate or decline the entitlement prolongation. Inferred entitlements won't be lost unless the end of the grace period is reached or the prolongation is declined. - **NOTE:** The grace period is only applied if the loss of the entitlement is due to a change in + :::note + The grace period is only applied if the loss of the entitlement is due to a change in the rules, i.e. rule deletion or criteria changes. + ::: + If the grace period is not defined, the value is inherited from the policy. diff --git a/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md b/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md index 69a8b8d93f..4642e6f9a3 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md @@ -8,7 +8,7 @@ sidebar_position: 10 How to create role naming rules, which create single roles using existing naming conventions from the managed system. See the -[ Role Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) +[Role Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) topic for additional information. ## Overview @@ -45,7 +45,7 @@ application's users, entitlements and data model. | Input | Output | | ------------------------------------------------------------------------------------ | --------------------------------------------------------- | -| [ Create a Provisioning Rule ](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) (required) | Role naming rule Single roles Navigation rules Categories | +| [Create a Provisioning Rule](/docs/identitymanager/6.2/user-guide/set-up/provisioning-rule-creation/index.md) (required) | Role naming rule Single roles Navigation rules Categories | ## Create a Role Naming Rule @@ -77,7 +77,7 @@ Create a role naming rule by proceeding as follows: - **+ New Rule**: a naming rule is based on the union of rules, themselves based on the intersection of rule items. A rule item specifies one of the conditions that will trigger the enforcement of the naming rule. See the - [ Role Mapping ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) + [Role Mapping](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) topic for additional information. - `Where Expression`: C# expression returning a boolean to condition the application of the rule. @@ -97,7 +97,7 @@ Create a role naming rule by proceeding as follows: [Expressions](/docs/identitymanager/6.2/integration-guide/toolkit/expressions/index.md). - **Category**: the - [ Category ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) + [Category](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) for the future role(s). - `Identifier`: either matches an existing category and selects it, or doesn't match and diff --git a/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md b/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md index 2197e725fc..36ad1bb22d 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/synchronization/index.md @@ -27,11 +27,11 @@ the synchronization itself. #### Export The -[ Export Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) +[Export Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) creates extractions, a snapshot of the managed system's data, used to insert and/or refresh the data that is inside Identity Manager. Extractions are accessible when there is at least one connection with an export-enabled -[ References: Packages ](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/index.md). +[References: Packages](/docs/identitymanager/6.2/integration-guide/connectors/references-packages/index.md). Extracted data becomes meaningful when it is loaded into resources as specified by the entity type structure. @@ -40,7 +40,7 @@ Exported data is stored inside CSV files in the folder `/{InstallationFolder}/Te #### Prepare synchronization The -[ Prepare Synchronization Task ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md)performs +[Prepare Synchronization Task](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md)performs a preparatory data cleansing to spot errors and list them in a generated file in the `/{InstallationFolder}/Work/Synchronization` folder. @@ -52,7 +52,7 @@ a preparatory data cleansing to spot errors and list them in a generated file in The `Synchronize` task loads data into Identity Manager's database. See the -[ Upward Data Synchronization ](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) +[Upward Data Synchronization](/docs/identitymanager/6.2/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. ### Prerequisites @@ -65,7 +65,7 @@ must have defined keys during Entity Type creation. See the [Create an Entity Type](/docs/identitymanager/6.2/user-guide/set-up/connect-system/entity-type-creation/index.md) topic for additional information. -Extractions must not be modified before synchronization +**Extractions must not be modified before synchronization** Extractions must not be modified manually, for it may induce synchronization issues. @@ -74,7 +74,7 @@ Extractions must not be modified manually, for it may induce synchronization iss Also, synchronization must not be disturbed by a change in the source format, such as the deletion of a column in the middle of the file. -Thresholds must never be deactivated +**Thresholds must never be deactivated** Thresholds are essential safety guards that control all changes, for example preventing the overwriting of important data by mistake. Thresholds are by default activated to warn users when @@ -85,7 +85,7 @@ _"Threshold Exceeded"_ on the log page described below. Once the changes have been reviewed, the blocked job can be resumed (or not). Thresholds are configured with default values using the following -[ Connector ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) +[Connector](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) attributes: - `MaximumDeletedLines`, `MaximumInsertedLines` and `MaximumUpdatedLines` for scalar properties; @@ -104,7 +104,7 @@ At this point, integrators should have all the elements they need to perform syn | ------------------------------------------ | ----------------- | | Connector with its entity types (required) | Synchronized data | -See the [ Connect to a Managed System ](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) topic for additional +See the [Connect to a Managed System](/docs/identitymanager/6.2/user-guide/set-up/connect-system/index.md) topic for additional information. ## Launch Synchronization @@ -138,7 +138,7 @@ Launch synchronization for a given managed system by proceeding as follows: ## Manage Synchronization Automation Export and synchronization are executed manually from the connector screens. By default, they are -also part of scheduled [ Jobs ](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) provided by +also part of scheduled [Jobs](/docs/identitymanager/6.2/integration-guide/tasks-jobs/jobs/index.md) provided by Identity Manager: - the complete job is scheduled to launch a synchronization once a day of all resources, modified or diff --git a/docs/identitymanager/6.2/user-guide/set-up/user-profile-assignment/index.md b/docs/identitymanager/6.2/user-guide/set-up/user-profile-assignment/index.md index 14145e3894..5b960174fe 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/user-profile-assignment/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/user-profile-assignment/index.md @@ -12,7 +12,7 @@ How to assign Identity Manager's access permissions to users through profiles. All the permissions to access items in Identity Manager, and to perform given actions, are managed by assigning profiles to users and permissions to profiles. See the -[ Assigned Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) +[Assigned Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) and [References: Permissions](/docs/identitymanager/6.2/integration-guide/profiles-permissions/permissions/index.md) topics for additional information. @@ -22,7 +22,7 @@ For example, the access to the list of users with their personal data is usually people, and the possibility to modify personal data restricted to HR managers. We define here a permission as an entitlement within Identity Manager. See the -[ Configure a User Profile ](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for additional +[Configure a User Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. Users are assigned profiles according to the permissions they need to work, at least one profile per @@ -46,14 +46,14 @@ Integrators must have the knowledge of who must be able to access what within Id | ------------------------------ | ----------------- | | Configured profiles (required) | Assigned profiles | -See the [ Configure a User Profile ](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for additional +See the [Configure a User Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. ## Assign a Profile to an Account In the following section you will read about how to assign a profile to an account. -Manual assignment +**Manual assignment** Assign manually a profile to a user by proceeding as follows: @@ -76,7 +76,8 @@ section. - **Deny this Profile**: Option that forbids the profile assignment instead of applying it. - **Start Date** and **End Date**: Particularly useful for profile delegation. -**NOTE:** If filters are defined in the Access Rules, and are assigned to the profile, a +:::note +If filters are defined in the Access Rules, and are assigned to the profile, a **Criteria** section will appear containing them. Filters are conditions that, if met, trigger the Access Control Rule Application. The only filters which can be displayed in this section are filters related to dimensions or hard @@ -85,8 +86,10 @@ The filters are defined in the XML configuration on the access control rules. Th are a fusion of the filters of all the rules associated with the profile. See the [Access Control Rule](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) topic for additional information. +::: -Automatic assignment + +**Automatic assignment** The largest profiles with the most basic permissions (like a simple access to the application) concern many identities and are low-privileged. Thus integrators can set up profile assignment rules @@ -99,9 +102,12 @@ topic for additional information. Click on **Launch** to apply these profile rules. -**NOTE:** Profile rules can also be applied through the same button on the **Profiles** page, by +:::note +Profile rules can also be applied through the same button on the **Profiles** page, by clicking on **Settings** in the **Configuration** section, then on **General** > **Profiles** in the left menu. +::: + ## Delegate a Profile @@ -122,7 +128,7 @@ security is ensured by preventing unwanted entitlement delegation. In order to verify both profile configuration and assignment, check that a sample of users can effectively perform the actions allowed by their profiles. See the -[ Configure a User Profile ](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for additional +[Configure a User Profile](/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. A functioning and well-assigned profile must not trigger 403 errors in the server logs, nor in the diff --git a/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md b/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md index 10b74fcfdb..df084258d2 100644 --- a/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md +++ b/docs/identitymanager/6.2/user-guide/set-up/user-profile-configuration/index.md @@ -9,7 +9,7 @@ sidebar_position: 50 How to tweak the [References: Permissions](/docs/identitymanager/6.2/integration-guide/profiles-permissions/permissions/index.md) for actions within Identity Manager, for a set of basic -[ Assigned Profile ](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md). +[Assigned Profile](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md). ## Overview @@ -32,7 +32,7 @@ Permissions can be about: - workflows, which gives access to actions for users' lifecycle (onboarding-movement-offboarding), through the workflows provided by Identity Manager within the **Directory** pages; - reports, which gives access to Identity Manager's predefined reports about workforce. See the - [ Generate Reports ](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. + [Generate Reports](/docs/identitymanager/6.2/user-guide/administrate/reporting/index.md) topic for additional information. - notifications, which enables notification reception when specific workflows are launched. Netwrix Identity Manager (formerly Usercube) recommends creating and using the following profiles: @@ -72,7 +72,7 @@ Integrators must have the knowledge of the organization strategy towards the IGA | Input | Output | | -------------------------------------------------------------------------------------- | ------------- | -| [ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) (required) | User profiles | +| [Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) (required) | User profiles | ## Configure a User Profile @@ -116,5 +116,5 @@ information. ## Next Steps Once user profiles are configured, integrators can start configuring onboarding workflows. See the -[ Create the Workforce Repository ](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for additional +[Create the Workforce Repository](/docs/identitymanager/6.2/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. diff --git a/docs/identitymanager/6.2/whatsnew/index.md b/docs/identitymanager/6.2/whatsnew/index.md index 3b6d7ab8fc..b11a3fd83b 100644 --- a/docs/identitymanager/6.2/whatsnew/index.md +++ b/docs/identitymanager/6.2/whatsnew/index.md @@ -18,7 +18,7 @@ Identity Manager (formerly Usercube) version. ## Netwrix Identity Manager (formerly Usercube) November 25, 2024 -New: Assigned Roles View +**New: Assigned Roles View** The new Assigned Roles page provides a role-centric view, displaying the list of users with permissions in a specified role category and including a downloadable report. This feature is @@ -26,7 +26,7 @@ currently in read-only preview, with additional functionality planned for the ne [Review Assigned Roles](/docs/identitymanager/6.2/user-guide/administrate/assigned-roles/index.md) topic for additional information. -New: Context-Bound Manual Permissions +**New: Context-Bound Manual Permissions** Manual permission assignments can now be configured to be tied to a context end date using ‘ManualAssignmentEndDateLockedToContext’. For example, a contractor's manual permissions can be @@ -37,7 +37,7 @@ and [Remove Redundant Assignments](/docs/identitymanager/6.2/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md) topics for additional information. -New: Suggested Multiple Correlations +**New: Suggested Multiple Correlations** A new option allows multi-correlation resource types to propose correlations with less than 100% confidence. This behavior is controlled by the new boolean ‘SuggestAllCorrellations’. The default @@ -46,14 +46,14 @@ lower-confidence suggestions. See the [Resource Type](/docs/identitymanager/6.2/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. -Enhancement: Access Control and Workflows +**Enhancement: Access Control and Workflows** The maximum number of workflow actors is now configurable via the ‘MaxActors’ key in the ‘appsettings.json’ file. The default value of 20 can now be increased up to 50. See the [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topic for additional information. -Enhancement: Certifications and Risks +**Enhancement: Certifications and Risks** Extra options on certification screens (visible on the "..." button) can now be hidden by setting **Only allow approving and refusing on access certifications items** to **Yes**. This will leave @@ -61,19 +61,19 @@ only the **Approve** and **Deny** buttons visible. The default setting is **No** [Configure Global Settings](/docs/identitymanager/6.2/user-guide/set-up/configure-global-settings/index.md) topic for additional information. -Enhancement: Connectors and Integrations +**Enhancement: Connectors and Integrations** Two new settings, ‘MaxPageSize’ and ‘DefaultPageSize’, have been introduced to control and optimize API call sizes. See the [Application Settings](/docs/identitymanager/6.2/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topic for additional information. -Enhancement: Jobs and Policy +**Enhancement: Jobs and Policy** Manual correlations for resources with multiple correlations can now be performed from the Resource Reconciliation screen. -Enhancement: Logs / Performance / Security +**Enhancement: Logs / Performance / Security** Incompatible C# expressions in the configuration will now be flagged during configuration imports. A new tool, ‘Identity Manager-Check-ExpressionsConsistency’, has been introduced to help identify @@ -89,11 +89,11 @@ of full evaluation modes, evaluating only necessary entity types, and avoiding r executions. Existing jobs are whitelisted, but new non-compliant jobs will generate errors during configuration imports. -Enhancement: UI / UX +**Enhancement: UI / UX** Various user interface improvements, including better tooltips on the Role Review screen. -Enhancement: Other +**Enhancement: Other** The ‘Identity Manager-Export-Bacpac’ tool now allows finer control over data extraction and anonymization options. See the diff --git a/docs/identitymanager/saas/index.md b/docs/identitymanager/saas/index.md index 1dfd637ab4..c003bb2c63 100644 --- a/docs/identitymanager/saas/index.md +++ b/docs/identitymanager/saas/index.md @@ -21,5 +21,4 @@ Identity Manager's guides include: - An [Installation Guide](/docs/identitymanager/saas/installation-guide/index.md) to install Identity Manager in a production environment. - A [Migration Guide](/docs/identitymanager/saas/migration-guide/index.md) to upgrade to a new version of Identity Manager. -- [ What's New](/docs/identitymanager/saas/whatsnew/index.md) to get details about specific changes in Identity Manager's - updates. +- [What's New](/docs/identitymanager/saas/whatsnew/index.md) to get details about specific changes in Identity Manager's updates. diff --git a/docs/identitymanager/saas/installation-guide/index.md b/docs/identitymanager/saas/installation-guide/index.md index 77305589b5..765a0e468d 100644 --- a/docs/identitymanager/saas/installation-guide/index.md +++ b/docs/identitymanager/saas/installation-guide/index.md @@ -21,5 +21,5 @@ Required knowledge includes: ## Overview The installation of Identity Manager requires architectural decisions to be made. An -[ Overview ](/docs/identitymanager/saas/installation-guide/overview/index.md) of the architecture and available configurations will help you make +[Overview](/docs/identitymanager/saas/installation-guide/overview/index.md) of the architecture and available configurations will help you make informed decisions. diff --git a/docs/identitymanager/saas/installation-guide/overview/index.md b/docs/identitymanager/saas/installation-guide/overview/index.md index 3eb3dcb88a..beb339d0ba 100644 --- a/docs/identitymanager/saas/installation-guide/overview/index.md +++ b/docs/identitymanager/saas/installation-guide/overview/index.md @@ -61,7 +61,7 @@ Identity Manager needs the following data flows to be enabled: connectors. This requirement only applies to a few specific **administrator type profiles**. - The **Server** and the **Agent** both need to access an **SMTP server** to - [ Send Notifications ](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md). + [Send Notifications](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md). ## SaaS vs. On-Premise @@ -70,7 +70,7 @@ Identity Manager comes in two flavors: SaaS and On-Premise. - The **SaaS** offering only requires the Agent to be installed on your organization network. - The **On-Premise** offering requires the Agent, the [Install the Server](/docs/identitymanager/saas/installation-guide/production-ready/server/index.md), and the - [ Install the Database ](/docs/identitymanager/saas/installation-guide/production-ready/database/index.md) to be installed. + [Install the Database](/docs/identitymanager/saas/installation-guide/production-ready/database/index.md) to be installed. See the [ Install the Agents](/docs/identitymanager/saas/installation-guide/production-ready/agent/index.md) topics for additional information. @@ -115,7 +115,7 @@ additional information. ## Email Server Identity Manager sends notifications to users by email. An email server will have to be set up for -the Agent and the Server. See the [ Send Notifications ](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md) +the Agent and the Server. See the [Send Notifications](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md) topic for additional information. Before you check out the installation steps, make sure that all the diff --git a/docs/identitymanager/saas/installation-guide/production-ready/agent/index.md b/docs/identitymanager/saas/installation-guide/production-ready/agent/index.md index bdd064825e..8c2d65ce52 100644 --- a/docs/identitymanager/saas/installation-guide/production-ready/agent/index.md +++ b/docs/identitymanager/saas/installation-guide/production-ready/agent/index.md @@ -11,13 +11,16 @@ your case, and the server is already installed, no need to go further. If, on th need separate agents, or if you are installing Identity Manager's agents within Identity Manager's SaaS offering, this is the way to go. -**NOTE:** Please make sure that Identity Manager's agent requirements are met before going further. -See the[ Agent ](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) topic for additional information. +:::note +Please make sure that Identity Manager's agent requirements are met before going further. +See the[Agent](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) topic for additional information. +::: + ## Agent Working Directory The agent runtime content should be extracted from the runtime archive following the instructions -provided in the [ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic. +provided in the [Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic. In the separate agent setup, the agent is usually installed on a different workstation from the server. @@ -30,8 +33,11 @@ topic for additional information. It is recommended to run the Identity Manager agent as an IIS website. -_Remember,_ to install Identity Manager's agent as a Windows service, see the -[ Agent ](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) topic for additional information. +:::tip +Remember, to install Identity Manager's agent as a Windows service, see the +[Agent](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) topic for additional information. +::: + Adding Identity Manager's agent as an IIS website can be achieved with the [Internet Information Services (IIS) Manager](https://www.iis.net/) which can be launched with the @@ -109,7 +115,7 @@ higher) to be able to run dotnet application. ## Select an Agent Identity The agent, through Identity Manager's server IIS Website, should be assigned a service account with -the relevant permissions. See the [ Agent ](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) topic +the relevant permissions. See the [Agent](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) topic for additional information. You can either: @@ -204,7 +210,7 @@ Up to four folders have to be considered: - the provisioning orders directory, usually `C:/identitymanager/Temp` (same as for the data collection directory). -See the[ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and +See the[Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -251,7 +257,7 @@ information. The working directory permissions are all set. The same steps have to be performed on the runtime, the data collection and the provisioning orders -directories. See the[ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and +directories. See the[Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -307,12 +313,10 @@ appsettings.agent.json   ...   "Connections": {     "ADExport": { -        "Servers": [ -          { +        "Servers": [{            "Server": "",            "BaseDN": "" -          } -        ], +          }],         "AuthType": "",         "Login": "",         "Password": "", @@ -328,10 +332,13 @@ appsettings.agent.json } ``` -_Remember,_ storing sensitive managed system data in configuration files, such as login/password +:::tip +Remember, storing sensitive managed system data in configuration files, such as login/password pairs, is strongly discouraged. Sensitive data should be protected by one of the credentials protection methods. See the[Connectors](/docs/identitymanager/saas/integration-guide/connectors/index.md) topic for additional information. +::: + ## Encryption Key Pair @@ -395,7 +402,7 @@ hence the X509KeyFilePassword attribute. Storing a `.pfx` file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -444,12 +451,12 @@ The connection to Identity Manager's server can be configured through: - OpenIdClients and DefaultOpenIdClient must be used to set the agent's credentials to connect to the server; See the [appsettings.agent](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) - and[ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) + and[OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topics for additional information. Their content should be provided by the integration team, in relation to the OpenIdClient tag in the applicative configuration. See -the[ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) +the[OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. The following example shows an appsettings.agent.json file that sets an agent to connect to Identity @@ -472,8 +479,11 @@ script in the command line. } ``` -_Remember,_ storing plain text passwords in configuration files is strongly discouraged. Sensitive +:::tip +Remember, storing plain text passwords in configuration files is strongly discouraged. Sensitive passwords should be encrypted. +::: + ## Install the Agent as a Windows Service @@ -490,8 +500,11 @@ script in the command line. sc.exe create Usercube binpath= "" displayname= "" start= auto obj= "" password= "" ``` -_Remember,_ make sure to include a space between each parameter's equal sign (=) and the parameter +:::tip +Remember, make sure to include a space between each parameter's equal sign (=) and the parameter value. +::: + ## Configure the Starting Mode in IIS (optional) @@ -534,4 +547,4 @@ from being launched. ## What's Next? The last step in the installation process is setting up an Email server. See the -[ Send Notifications ](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md) topic for additional information. +[Send Notifications](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md b/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md index 74bd92dd16..46201584a9 100644 --- a/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md +++ b/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md @@ -46,7 +46,7 @@ Here is an example with an external SMTP server. ``` -appsettings.json +**appsettings.json** { ... diff --git a/docs/identitymanager/saas/installation-guide/production-ready/index.md b/docs/identitymanager/saas/installation-guide/production-ready/index.md index 17f47e5089..32a6a5aa6a 100644 --- a/docs/identitymanager/saas/installation-guide/production-ready/index.md +++ b/docs/identitymanager/saas/installation-guide/production-ready/index.md @@ -8,7 +8,7 @@ sidebar_position: 40 This guide leads the reader through the steps to install Identity Manager for production purposes. -**1.\_\_**Before proceeding\_\_, you should go through the [ Overview ](/docs/identitymanager/saas/installation-guide/overview/index.md) and +**1.\_\_**Before proceeding\_\_, you should go through the [Overview](/docs/identitymanager/saas/installation-guide/overview/index.md) and [Requirements](/docs/identitymanager/saas/installation-guide/requirements/index.md) sections to make fundamental decisions about Identity Manager setup, including: @@ -38,4 +38,4 @@ as target organization. ## What's Next? -The first step consists in [ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md). +The first step consists in [Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md). diff --git a/docs/identitymanager/saas/installation-guide/production-ready/server/index.md b/docs/identitymanager/saas/installation-guide/production-ready/server/index.md index f0b2e55faf..aeb27a3f2b 100644 --- a/docs/identitymanager/saas/installation-guide/production-ready/server/index.md +++ b/docs/identitymanager/saas/installation-guide/production-ready/server/index.md @@ -6,8 +6,11 @@ sidebar_position: 30 # Install the Server -**NOTE:** If you are a SaaS client this topic does not apply. You can skip directly to end user +:::note +If you are a SaaS client this topic does not apply. You can skip directly to end user authentication. See the Set up End-User Authentication topic for additional information. +::: + Identity Manager Server can be installed on the same workstation as the database or on a separate workstation. If Identity Manager is installed on a separate workstation, it requires the SQL @@ -20,7 +23,7 @@ Please make sure that the server requirements are met before going further. See The server executable is beeing been extracted to the working directory as `Usercube-Server.exe` and `Usercube-Server.dll` and will enable a user or IIS to run the Identity Manager Server. See the -[ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic for additional information. +[Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic for additional information. ## Set up the License Key @@ -101,7 +104,10 @@ To create a service account you need to perform the following steps: **Step 1 –** Log on to a Windows server in the target domain environment. You should use an account with the necessary permissions to create new domain accounts. -**NOTE:** The target domain is the domain where SQL Server is installed. +:::note +The target domain is the domain where SQL Server is installed. +::: + **Step 2 –** Access the _Active Directory User and Computers_ tool with the command `dsa.mc`. @@ -111,18 +117,24 @@ select **New** > **User**. **Step 4 –** Choose a mnemonic _First Name_ for the Identity Manager Server, as for example `UsercubeContosoServer`, and click **Next**. -_Remember,_ the down-level log on name in the format `DOMAIN/userName`,.as for example +:::tip +Remember, the down-level log on name in the format `DOMAIN/userName`,.as for example `CONTOSO/identitymanagerContosoServer`. +::: + **Step 5 –** Set a password and remember it for later, check the boxes **User cannot change password** and **Password never expires**. This newly created service account is a domain account and will be used as an IIS identity. -**NOTE:** You can go further and use Managed Service Account to avoid dealing with the service +:::note +You can go further and use Managed Service Account to avoid dealing with the service account password update yourself and let Windows worry about it. This feature requires installing Identity Manager on Windows Server 2016 or later, and using an Active Directory with a forest level set to Windows Server 2016 or later. +::: + ### Set an IIS identity @@ -219,7 +231,7 @@ Up to four folders have to be considered: - The provisioning orders directory, usually `C:/identitymanager/Temp` (same as for the data collection directory). -See the [ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and +See the [Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -254,7 +266,7 @@ The Identity Manager Server service account that was chosen previously: The working directory permissions are all set. The same steps have to be performed on the runtime, the data collection and the provisioning orders -directories. See the [ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and +directories. See the [Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -336,7 +348,7 @@ section. Storing a `.pfx` file password in plain text in a production environment is strongly discouraged. The password should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -383,9 +395,9 @@ permissions, let's finalize the setup. The connection between the Server and the Database requires choosing an authentication method: [Windows Authentication](https://docs.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode?view=sql-server-ver15#windows-authentication) or SQL Server authentication. See the -[ Connection to the Database ](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/database-connection/index.md) +[Connection to the Database](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/database-connection/index.md) and -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topics for additional information. Windows authentication will require the IIS identity to be set to the custom Windows service account used to log in to the Identity Manager's Windows Server session. SQL authentication will work with both the _built-in_ app pool identity and a custom service @@ -446,10 +458,13 @@ appsettings.json ``` -**_RECOMMENDED:_** SQL Server authentication stores plain text credentials in the configuration +:::info +SQL Server authentication stores plain text credentials in the configuration file. This is strongly discouraged. To avoid storing plain text credentials, you should always strive to use Windows authentication or encrypt sensitive setting values such as the connection string. +::: + ## SSL Certificate diff --git a/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md b/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md index 02455cd9f0..29e13b13d5 100644 --- a/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md +++ b/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md @@ -60,4 +60,4 @@ The working directory structure should now resemble the following: ## What's Next? Next section shows how to install the Identity Manager Database. See the -[ Install the Database ](/docs/identitymanager/saas/installation-guide/production-ready/database/index.md)topic for additional information. +[Install the Database](/docs/identitymanager/saas/installation-guide/production-ready/database/index.md)topic for additional information. diff --git a/docs/identitymanager/saas/installation-guide/quick-start/index.md b/docs/identitymanager/saas/installation-guide/quick-start/index.md index 6ee393f5d7..79e0ebeba4 100644 --- a/docs/identitymanager/saas/installation-guide/quick-start/index.md +++ b/docs/identitymanager/saas/installation-guide/quick-start/index.md @@ -41,16 +41,22 @@ When extracting Identity Manager Bootstrap to the root of the computer, it looks **Step 5 –** Create a Sources folder in Identity Manager Bootstrap. -_Remember,_ if you don't have the Identity Manager Bootstrap folder or if you don't create the +:::tip +Remember, if you don't have the Identity Manager Bootstrap folder or if you don't create the Sources folder, the Path in the Directory connection in the Runtime/appsettings.agent.json must be adapted. Note that you don't need to have a Directory.xlsx file at the location described by this Path for now. +::: + **Step 6 –** Create a database named Identity Manager, using the default options. -**NOTE:** When using a database server other than Microsoft SQL Server or a different database name, +:::note +When using a database server other than Microsoft SQL Server or a different database name, remember to change the connection string accordingly, in the Runtime/appsettings.json file and in the future command lines. +::: + **Step 7 –** Execute the Runtime/identitymanager.sql file in the database. diff --git a/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md b/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md index b316dbf25c..2bac0691a3 100644 --- a/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md +++ b/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md @@ -58,7 +58,7 @@ or a custom ### Working directory permissions The agent's service account needs specific permissions presented in the -[ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic as: +[Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic as: - _Read_, _Modify_, and _List folder contents_ on the working directory; - _Read & Execute_ and _List folder contents_ on the `Runtime` directory, usually @@ -68,7 +68,7 @@ The agent's service account needs specific permissions presented in the - _Read_, _Modify_, _List folder contents_, and _Write_ on the directory for data collection, whose path depends on the `Work` folder's path. -See the [ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and +See the [Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -98,7 +98,7 @@ Before going further, make sure the integration team has provided: Managed systems credentials are stored in the `appsettings.agent` configuration set and can be protected. See the [appsettings.agent](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) -and [ Modules ](/docs/identitymanager/saas/integration-guide/modules/index.md) topics for additional information. +and [Modules](/docs/identitymanager/saas/integration-guide/modules/index.md) topics for additional information. ### Database permissions @@ -123,7 +123,7 @@ communication with the server. ## Emails The agent needs access to an SMTP server to -[ Send Notifications ](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md). +[Send Notifications](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md). ## Encryption Key Pair diff --git a/docs/identitymanager/saas/installation-guide/requirements/database-requirements/index.md b/docs/identitymanager/saas/installation-guide/requirements/database-requirements/index.md index 0d011d4293..7d68078c1e 100644 --- a/docs/identitymanager/saas/installation-guide/requirements/database-requirements/index.md +++ b/docs/identitymanager/saas/installation-guide/requirements/database-requirements/index.md @@ -13,7 +13,10 @@ This section identifies hardware and software requirements for Identity Manager' The database disk storage requirements depend on multiple factors as the database lifespan and the number of entries, for example 100,000 users can take up appropriately 10 GB of storage -**NOTE:** The maximum SQL Express database is 10 GB. +:::note +The maximum SQL Express database is 10 GB. +::: + ## Software diff --git a/docs/identitymanager/saas/installation-guide/requirements/device-requirements/index.md b/docs/identitymanager/saas/installation-guide/requirements/device-requirements/index.md index 2e7f7df9d1..6af0d09b51 100644 --- a/docs/identitymanager/saas/installation-guide/requirements/device-requirements/index.md +++ b/docs/identitymanager/saas/installation-guide/requirements/device-requirements/index.md @@ -17,8 +17,11 @@ for additional information. No matter whether the machine is virtual or physical, running a Identity Manager server or agent requires at least 8 GB of RAM, 20 GB of disk storage, and a dual-core CPU. -**NOTE:** Netwrix Identity Manager (formerly Usercube) recommends a 4-core CPU if SQL server is +:::note +Netwrix Identity Manager (formerly Usercube) recommends a 4-core CPU if SQL server is installed on this device. +::: + ## Software diff --git a/docs/identitymanager/saas/installation-guide/requirements/index.md b/docs/identitymanager/saas/installation-guide/requirements/index.md index 49e1e5267e..4c99a2f7fc 100644 --- a/docs/identitymanager/saas/installation-guide/requirements/index.md +++ b/docs/identitymanager/saas/installation-guide/requirements/index.md @@ -11,4 +11,4 @@ This section identifies hardware and software requirements for each Identity Man - [Integration Device](/docs/identitymanager/saas/installation-guide/requirements/device-requirements/index.md) - [Database](/docs/identitymanager/saas/installation-guide/requirements/database-requirements/index.md) - [Server](/docs/identitymanager/saas/installation-guide/requirements/server-requirements/index.md) -- [ Agent ](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) +- [Agent](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) diff --git a/docs/identitymanager/saas/installation-guide/requirements/server-requirements/index.md b/docs/identitymanager/saas/installation-guide/requirements/server-requirements/index.md index 22e1c4ceb8..97f0dea408 100644 --- a/docs/identitymanager/saas/installation-guide/requirements/server-requirements/index.md +++ b/docs/identitymanager/saas/installation-guide/requirements/server-requirements/index.md @@ -53,7 +53,7 @@ Server. Hence Netwrix Identity Manager (formerly Usercube) recommends using a do ### Working directory permissions The agent's service account needs specific permissions presented in -the[ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic as: +the[Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic as: - _Read_ and _List folder contents_ on the working directory; - _Read & Execute_ and _List folder contents_ on the `Runtime` directory, usually @@ -63,7 +63,7 @@ the[ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/ - _Read_, _List folder contents_, and _Write_ on the directory for data collection, whose path depends on the `Work` folder's path. -See the [ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and +See the [Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) topics for additional information. @@ -112,7 +112,7 @@ set up in IIS. ## Emails The server needs access to an SMTP server to -[ Send Notifications ](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md). +[Send Notifications](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md). ## Encryption and Identity Server Key Pairs @@ -147,4 +147,4 @@ and[ pvk2pfx tool](https://docs.microsoft.com/en-us/windows-hardware/drivers/dev ## What's Next? Let's move on to Identity Manager's agent requirements. See the -[ Agent ](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) topic for additional information. +[Agent](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/installation-guide/reverse-proxy/index.md b/docs/identitymanager/saas/installation-guide/reverse-proxy/index.md index 00cddba671..5d34db4aaa 100644 --- a/docs/identitymanager/saas/installation-guide/reverse-proxy/index.md +++ b/docs/identitymanager/saas/installation-guide/reverse-proxy/index.md @@ -76,11 +76,11 @@ at `` on network 2. ``` -nginx.conf +**nginx.conf** worker_processes auto; -http { +**http {** ## # Basic Settings @@ -203,6 +203,6 @@ server { proxy_set_header X-Real-IP $remote_addr; } - } +**}** ``` diff --git a/docs/identitymanager/saas/integration-guide/api/authentication/index.md b/docs/identitymanager/saas/integration-guide/api/authentication/index.md index 59bc138039..e257af9c7f 100644 --- a/docs/identitymanager/saas/integration-guide/api/authentication/index.md +++ b/docs/identitymanager/saas/integration-guide/api/authentication/index.md @@ -11,17 +11,17 @@ Identity Manager API authentication is based on the `[Usercube application URL]/.well-known/openid-configuration`. An OpenId client must be previously defined using an -[ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) configuration +[OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) configuration element. The `client_id` parameter to use in calls to the OpenIdConnect protocol endpoints must be the concatenation of `clientId`, `@` and the domain of the application. -For example, client defined by +**For example, client defined by** ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/api/pagination/index.md b/docs/identitymanager/saas/integration-guide/api/pagination/index.md index f2e365e1bb..f1461516b0 100644 --- a/docs/identitymanager/saas/integration-guide/api/pagination/index.md +++ b/docs/identitymanager/saas/integration-guide/api/pagination/index.md @@ -13,9 +13,12 @@ The principle is to call the function with the ContinuationToken obtained from t ![Pagination sequence diagram](/img/product_docs/identitymanager/saas/integration-guide/api/pagination/pagination.webp) -**NOTE:** Pagination is optional. If PageSize is not specified, the function will return all items +:::note +Pagination is optional. If PageSize is not specified, the function will return all items or use the limit specified in the squery parameter. If PageSize is specified, no limit must be specified in the squery parameter. +::: + A DefaultPageSize as well as a MaxPageSize can be defined in the Applicative configuration settings. If the given PageSize or squery limit is above the MaxPageSize, the limit of the MaxPageSize` is diff --git a/docs/identitymanager/saas/integration-guide/api/squery/index.md b/docs/identitymanager/saas/integration-guide/api/squery/index.md index 46c8c9e827..c3495ed932 100644 --- a/docs/identitymanager/saas/integration-guide/api/squery/index.md +++ b/docs/identitymanager/saas/integration-guide/api/squery/index.md @@ -72,7 +72,10 @@ If select is not specified, API will just return queried elements' Ids. Last 100 started job's instances' Ids. -_Remember,_ The `Top` in the API queries had been deprecated and `PageSize`should be used instead. +:::tip +Remember, The `Top` in the API queries had been deprecated and `PageSize`should be used instead. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -101,8 +104,7 @@ script in the command line. ``` { -  "Result": [ -    { +  "Result": [{       "Id": "2147483653",       "Properties": [         { @@ -129,14 +131,12 @@ script in the command line.         {           "Id": "-9223372015379939312",           "Identifier": "WorkflowInstanceId" -        } -      ], +        }],       "Identifier": "AssignedCompositeRole"     },     {       "Id": "2147483654", -      "Properties": [ -        { +      "Properties": [{           "Id": "-9223372011084972031",           "Association1": {             "Id": "-9223372011084972031", @@ -160,8 +160,7 @@ script in the command line.         {           "Id": "-9223372011084972025",           "Identifier": "StartDate" -        } -      ], +        }],       "Identifier": "AssignedResourceNavigation"     }   ] diff --git a/docs/identitymanager/saas/integration-guide/architecture/index.md b/docs/identitymanager/saas/integration-guide/architecture/index.md index a1f5e28b75..fa7a3431b8 100644 --- a/docs/identitymanager/saas/integration-guide/architecture/index.md +++ b/docs/identitymanager/saas/integration-guide/architecture/index.md @@ -24,15 +24,15 @@ on Windows. Identity Manager's database is a ![Architecture](/img/product_docs/identitymanager/saas/integration-guide/architecture/architecture.webp) -See the [ SaaS Environment ](/docs/identitymanager/saas/integration-guide/architecture/saas/index.md) topic for additional information on Netwrix Identity +See the [SaaS Environment](/docs/identitymanager/saas/integration-guide/architecture/saas/index.md) topic for additional information on Netwrix Identity Manager (formerly Usercube) recommended architecture when working in a SaaS environment. -See the [ On-Premises Environment ](/docs/identitymanager/saas/integration-guide/architecture/on-prem/index.md) topic for additional information on Netwrix +See the [On-Premises Environment](/docs/identitymanager/saas/integration-guide/architecture/on-prem/index.md) topic for additional information on Netwrix Identity Manager (formerly Usercube)' recommended architecture when working in an on-premises environment. See how to -[ Protect Agent/Server Communication ](/docs/identitymanager/saas/integration-guide/architecture/protect-agent-server-communication/index.md). +[Protect Agent/Server Communication](/docs/identitymanager/saas/integration-guide/architecture/protect-agent-server-communication/index.md). ## Isolation Principle diff --git a/docs/identitymanager/saas/integration-guide/architecture/protect-agent-server-communication/index.md b/docs/identitymanager/saas/integration-guide/architecture/protect-agent-server-communication/index.md index 3cbddb676b..efd75c3dea 100644 --- a/docs/identitymanager/saas/integration-guide/architecture/protect-agent-server-communication/index.md +++ b/docs/identitymanager/saas/integration-guide/architecture/protect-agent-server-communication/index.md @@ -44,7 +44,7 @@ The agent must be configured, in its `appsettings.json`, with: environment, Identity Manager provides it. In order to give to the agent the right permissions, the XML configuration must specify an -[ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) linked to +[OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) linked to its hashed secret, and to a Identity Manager profile. ## Protect Agent/Server Communication @@ -95,9 +95,9 @@ Protect agent/server communication by proceeding as follows: 3. Configure an OpenIdClient, both on agent side in `appsettings.agent.json` with the non-hashed secret and on server side in the XML configuration with the secret hashed by the - [ Usercube-New-OpenIDSecret ](/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md) + [Usercube-New-OpenIDSecret](/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md) executable. See the - [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) for + [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) for additional information. > For example on agent side: diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/connections/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/connections/index.md index 4984084d74..d8dae05997 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/connections/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/connections/index.md @@ -12,14 +12,14 @@ in order to extract and/or fulfill data from/to external systems. ## Connection Configuration A connector needs at least one -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) which needs to be +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) which needs to be declared both in the XML configuration and in the [appsettings.agent](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) file to be used. The connection settings must be set in appsettings.agent.json > Connections > **connectionIdentifier**, where **connectionIdentifier** is the identifier specified for the connection in the XML configuration. -See the [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for +See the [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. The information stored in the connection depends on the export and/or fulfill technologies used by @@ -30,17 +30,17 @@ information. ## Connection Tables -A [ Connection Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connectiontable/index.md) +A [Connection Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connectiontable/index.md) represents the potential output of the connection's -[ Export Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md), when the +[Export Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md), when the connection's package allows export. The export process generates CSV files (our connection tables) whose names start with the connection's identifier. The files' suffixes depend on the connector. See the [References: Connectors](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/index.md) topic for additional information. The name of these files are used to specify the connection tables of the -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and -[ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) in order to link the connectors' properties to the source files and columns from the managed systems. @@ -104,4 +104,4 @@ Hence, extra care should be taken while specifying them. There are several types of secured options: a simple field or multiple key-value fields. -See the [ Configure Secured Options ](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/configure-secured-options/index.md) topic for additional information. +See the [Configure Secured Options](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/configure-secured-options/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/create-connector/entra-ID/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/create-connector/entra-ID/index.md index f2ff424d11..60c25f0654 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/create-connector/entra-ID/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/create-connector/entra-ID/index.md @@ -13,12 +13,12 @@ additional information about creating a connector. The following are prerequisites for the connector creation. -Configure the external system +**Configure the external system** See the [Register for Microsoft Entra ID](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/azuread-register/index.md) topic for additional information on how to register Identity Manager. -Configure Identity Manager +**Configure Identity Manager** See the [ Microsoft Entra ID](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftentraid/index.md) topic for additional information on the connection. @@ -46,7 +46,7 @@ appsettings.agent.json ## Build the Connector -See the [ Connect to a Managed System ](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) +See the [Connect to a Managed System](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) topic for additional information on how to build a connector via the UI, with its connections, entity types and mappings. @@ -162,7 +162,7 @@ expression, the target entity type and property. See the[Binding](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) topic for additional information. -Entity mapping +**Entity mapping** Each property of the entity type must be mapped to an attribute among those exported from Microsoft Entra ID. @@ -279,7 +279,7 @@ entity association mapping) of the CSV file. This is how the connectors are displayed on the UI. -Menu items +**Menu items** Each connector should be configured with a menu item, which is created automatically when working via the UI. @@ -296,10 +296,10 @@ Conf/MicrosoftEntraID/MicrosoftEntraID Nav.xml ``` -Displayed resources +**Displayed resources** See the -[ Organize Resources' Datasheets ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) +[Organize Resources' Datasheets](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) topic for additional information on how to set the display properties via the UI. For example: @@ -339,10 +339,10 @@ Conf/MicrosoftEntraID/MicrosoftEntraID UI.xml This is how the resources are displayed on the UI. -Resources' display names +**Resources' display names** See the -[ Set Resources' Display Names ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) +[Set Resources' Display Names](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) topic for additional information on how to set resources' display names via the UI. For example: @@ -355,7 +355,7 @@ Conf/MicrosoftEntraID/MicrosoftEntraID UI.xml ``` -Permissions +**Permissions** In order to access the connector, any user must have the right permissions. diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/create-connector/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/create-connector/index.md index d86b7beed9..188916dedc 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/create-connector/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/create-connector/index.md @@ -12,7 +12,7 @@ See an example on how to register [For Microsoft Entra ID](/docs/identitymanager Netwrix Identity Manager (formerly Usercube) strongly recommends configuring as much as possible via the UI instead of XML files. See the -[ Connect to a Managed System ](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) topic to +[Connect to a Managed System](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) topic to learn how to create a connector via the UI. ## Prerequisites @@ -31,12 +31,12 @@ settings can also be input through environment variables. See the [Network Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/index.md) topic for additional information. This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "": { ... } } } @@ -58,9 +58,7 @@ Microsoft Entra ID](/docs/identitymanager/saas/integration-guide/connectors/refe ## Build the Connector -See the [ -Connect to a Managed System -](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) topic to learn how to build a connector via the UI, with its connections, entity types and mappings. +See the [Connect to a Managed System](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) topic to learn how to build a connector via the UI, with its connections, entity types and mappings. When exporting the configuration, a `````` connector should be found in the ```Conf// Connector.xml``` file. @@ -70,11 +68,7 @@ All XML files must start with the `````` and `````` ele The [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) of the connector defines how the exported data will be written to Identity Manager's repository. It should match as closely as possible the structure of the relevant data from the external system, and be aligned with Identity Manager's repository. -The entity model is configured by entity type and entity association containing scalar and navigation properties. See the [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md)[ -Entity Association -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md), and [ -Entity Type -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) topics for additional information. +The entity model is configured by entity type and entity association containing scalar and navigation properties. See the [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md)[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md), and [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) topics for additional information. The entity model can be refined later in the project. @@ -82,11 +76,7 @@ The entity model can be refined later in the project. Each property of the entity type must be mapped to an attribute from among those exported from the system. -Entity mapping is configured through [ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and [ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). +Entity mapping is configured through [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). So each element of an entity type mapping is meant to link a property from the result of the CSV export file containing the exported attributes to a property from the entity type. @@ -116,9 +106,7 @@ Then each connector should be configured with a menu item, which is created auto ### Displayed resources -See the [ -Organize Resources' Datasheets -](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) to learn more on how to set the display properties via the UI. +See the [Organize Resources' Datasheets](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) to learn more on how to set the display properties via the UI. In the XML configuration, scalar properties are automatically displayed in the datasheets of the connector's resources. But navigation properties must be declared explicitly. @@ -130,15 +118,11 @@ The resources are displayed in a table configurable through a [Display Table](/d ### Resources' display names -See the [ -Set Resources' Display Names -](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) to learn how to set resources' display names via the UI. +See the [Set Resources' Display Names](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) to learn how to set resources' display names via the UI. Each resource is displayed in the UI with a display name. -Resources' display names are customizable through [ -Entity Type -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +Resources' display names are customizable through [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression. ### Permissions diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/credential-protection/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/credential-protection/index.md index 1c4a5c5561..bed01acc07 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/credential-protection/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/credential-protection/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Credential Protection The credentials of any managed system can be protected using an -[ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), a +[RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), a [CyberArk's AAM Credential Providers ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md) vault or an [Azure Key Vault](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) safe. diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/demoapp-banking/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/demoapp-banking/index.md index fc246c59ea..ef2a7e1a10 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/demoapp-banking/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/demoapp-banking/index.md @@ -49,15 +49,21 @@ This API provides: - Operations on users, including: Get list, Get by ID, Create, Update, and Delete (CRUD) - Operations on groups, limited to Get list only -**NOTE:** In the Banking Demo Application appsettings two parameters are available: +:::note +In the Banking Demo Application appsettings two parameters are available: +::: + - `RequireAuthorization` (default: true) — When enabled, the system checks whether a token is present in the request headers - `RequireSecureHeader` (default: false) — When enabled, the system verifies that the SecureHeaderparameter is included in the request headers -_Remember,_ a Postman collection is provided in the same folder as the executable (.exe) to +:::tip +Remember, a Postman collection is provided in the same folder as the executable (.exe) to facilitate API testing. +::: + ## Running the Banking Application diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/index.md index a0d1c56370..5c49e9a7bd 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/index.md @@ -9,7 +9,7 @@ sidebar_position: 10 This part gathers information about connector configuration. Netwrix Identity Manager (formerly Usercube) recommends creating and configuring a connector via the -UI. See the [ Connect to a Managed System ](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) +UI. See the [Connect to a Managed System](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) topic for additional information. - [Connections](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/connections/index.md) diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/powershell-fulfill/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/powershell-fulfill/index.md index b61ddf5d5c..3baf372088 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/powershell-fulfill/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/powershell-fulfill/index.md @@ -60,8 +60,7 @@ and [Active Directory](/docs/identitymanager/saas/integration-guide/connectors/r > "Connections": { > ... > "ADFulfillment": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "...", > "BaseDN": "..." > }, @@ -69,7 +68,7 @@ and [Active Directory](/docs/identitymanager/saas/integration-guide/connectors/r > "Server": "paris.contoso.com", > "BaseDN": "DC=defense,DC=paris,DC=com" > } -> ], +>], > "AuthType": "Basic", > "Login": "...", > "Password": "...", @@ -468,7 +467,7 @@ This example configures the following list display: #### Internal Display Name An `InternalDisplayName` can also be declared as an -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression. The `InternalDisplayName` is used in several UI screens to identify a resource for the user. diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md index e4c1f67c4f..87d2872833 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md @@ -8,7 +8,7 @@ sidebar_position: 160 This guide shows how to set up a [SCIM](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/scim/index.md) connector to extract data from your CyberArk instance into CSV source files that will in turn be fed to the -[ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) task and to your +[Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) task and to your Identity Manager resource repository. It will focus on registering Identity Manager within the target CyberArk instance, configuring the connector, and building the job to perform regularly scheduled synchronization. @@ -163,7 +163,7 @@ Notice the `*` that separates the entities. ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "SCIMCyberArkExport": { "Server": "https://host:port/CyberArk/scim", "Login": "Usercube-user", "Password": "Cyberark1", "Filter": @@ -177,9 +177,7 @@ displayName type name", "FilterGroup": "Groups;id displayName", "SCIMSyntax": "C ##### Set up export files -The export generates CSV source files that will be fed to the [ -Upward Data Synchronization -](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) task. +The export generates CSV source files that will be fed to the [Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) task. The SCIM connector generates one file per entity, the name is generated as: ```EntryFile``` + ```'_'``` + ```FilterEntity``` or ```MembersFile``` + ```'_'``` + ```FilterGroupEntity```. @@ -187,9 +185,7 @@ Moreover, ```SyncCookiesFile``` can be specified to indicate the location of the See the [SCIM](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/scim/index.md)topic for additional information. -The target directory and file name are chosen freely. However, Netwrix Identity Manager (formerly Usercube) strongly recommends using the Working Directory ```Temp/ExportOutput``` folder and choosing file names that start with the ```CyberArk_``` prefix. See the [ -Create a Working Directory -](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic for additional information. +The target directory and file name are chosen freely. However, Netwrix Identity Manager (formerly Usercube) strongly recommends using the Working Directory ```Temp/ExportOutput``` folder and choosing file names that start with the ```CyberArk_``` prefix. See the [Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic for additional information. ##### Example @@ -231,7 +227,7 @@ linked to an Agent. See the [Toolkit for XML Configuration](/docs/identitymanage additional information. It is strongly recommended that the applicative configuration be stored the -[ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) +[Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) `Conf` folder as a set of `xml` files organized by connector. - In the `Conf` folder, create a `SCIMCyberArk` directory. @@ -239,13 +235,13 @@ It is strongly recommended that the applicative configuration be stored the This file contains the declaration of the connector and the associated Entity Model. -- Use the [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) element to +- Use the [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) element to declare the connector with the following attributes: - **Identifier** identifies this connector in the applicative configuration. We recommend using a meaningful name such as `CyberArk`. If several connections to several CyberArk targets are possible, only one CyberArk Connector per Agent is used. See the - [ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) + [Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic for additional information. - **DisplayName_Li, i ? [1..16]** are used in the UI. - **Agent** is the identifier of the Agent that will run this connector's export task. The @@ -275,24 +271,24 @@ It is strongly recommended that the applicative configuration be stored the The exported data to be written to the resource repository must be aligned with the [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md). See the -[ Identity Management ](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) topic +[Identity Management](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) topic for additional information. The [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) should match as closely as possible the structure of the CyberArk data relevant for Identity Manager. It is designed by analyzing the CyberArk data structure, and describing said data with the Entity Types and -[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). Eventually, it is up to the integration team to design the [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) that best serves the Role Model needs. It will most likely be refined iteratively throughout the project integration. See the -[ Assignment Policy ](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) topic for additional +[Assignment Policy](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) topic for additional information. A good starting point for the Entity Model is to mirror the shape of the exported CyberArk SCIM objects. This guide provides a few examples that can serve this purpose. Thus, CyberArk SCIM objects such as **Users** and **Groups** can be described by Entity Types, and group membership by -[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). See -the [ Assignment Policy ](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) topic for additional +[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). See +the [Assignment Policy](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) topic for additional information. The [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) for the CyberArk connector is written in the @@ -310,14 +306,14 @@ Declaring an Entity Type is achieved with the `` tag and the followi - **DisplayName_Li, i ? [1..16]** are used in the UI to identify this Entity Type for the end-user. **DisplayName_L1** is the name of the entity type in _language number one_. If this language is _English_, a good example value would be `CyberArk - User`. See the - [ Assignment Policy ](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) topic for additional + [Assignment Policy](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) topic for additional information. ##### Example ``` - Conf/SCIMCyberArk/CyberArk Connector.xml +**Conf/SCIMCyberArk/CyberArk Connector.xml** ... ... ... @@ -336,9 +332,7 @@ Finally, the main attributes of the `````` tag are the following: - __Identifier__ identifies the property with a mandatory unique name. It must be unique among the entity properties for this entity type. - __DisplayName_Li, i ? [1..16]__ are used in the UI. - __Type__ defines the type of property. A scalar property type can be: ```String```, ```Bytes```, ```Int16```, ```Int32```, ```Int64```, ```DateTime```, ```Bool```, ```Guid```, ```Double```, ```Binary```, ```Byte```, or ```Option```. The navigation property type is ```ForeignKey```. -- __TargetColumnIndex__ defines in which column of the resource table the property is stored. See the [ - Entity Type - ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)topic for additional information. +- __TargetColumnIndex__ defines in which column of the resource table the property is stored. See the [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)topic for additional information. ##### Example @@ -356,9 +350,9 @@ Notice the omitted __TargetColumnIndex__ attribute and the presence of ```Type=" #### Write entity associations -[ Assignment Policy ](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) are associated through their +[Assignment Policy](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) are associated through their navigation properties with -[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) elements. ##### Example @@ -373,7 +367,7 @@ of this **Group**. ``` - Conf/SCIMCyberArk/CyberArk Connector.xml +**Conf/SCIMCyberArk/CyberArk Connector.xml** ... ... @@ -381,29 +375,19 @@ of this **Group**. ```` -The exact nature of the IDs are described by the associated [ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). +The exact nature of the IDs are described by the associated [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). -Notice the format of the __Property1__ and __Property2__ xml attributes: the name of the entity type followed by ```:``` and the name of an entity property. It is a [ -Binding -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) that describes in one expression both the target entity type and property. +Notice the format of the __Property1__ and __Property2__ xml attributes: the name of the entity type followed by ```:``` and the name of an entity property. It is a [Binding](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) that describes in one expression both the target entity type and property. ### Create mapping The entity type must be mapped property by property to the exported attributes of CyberArk SCIM objects (namely, the columns of the CSV source files generated by the export). -The [ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), [ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), and Entity Property Mapping elements serve this purpose. +The [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), and Entity Property Mapping elements serve this purpose. #### Write the entity type mapping -The [ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element maps scalar properties from the CSV source file to an entity type. +The [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element maps scalar properties from the CSV source file to an entity type. The CSV source file path is written to the __ConnectionTable__ xml attribute. The target entity type name is written to the __Identifier__ xml attribute. @@ -417,7 +401,7 @@ The CSV source file path is written to the __ConnectionTable__ xml attribute. Th ```` To do so, the entity type mapping uses the -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element with the `` tag. This maps the CSV column from `ConnectionColumn` to the target EntityType property which is written to the **Identifier** attribute. @@ -425,7 +409,7 @@ EntityType property which is written to the **Identifier** attribute. ``` - Conf/SCIMCyberArk/CyberArk Connector.xml +**Conf/SCIMCyberArk/CyberArk Connector.xml** ... @@ -454,19 +438,9 @@ Let's take the example of a new ```CyberArk_User``` which has never been synchro #### Write the entity association mapping -The [ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element maps navigation properties, used in [ -Entity Association -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +The [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element maps navigation properties, used in [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). -An [](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element refers to an [ -Entity Association -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) written to the __Identifier__ xml attribute. Then, just as the [ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element, it maps columns values from a CSV source file to an EntityType property. +An [](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element refers to an [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) written to the __Identifier__ xml attribute. Then, just as the [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element, it maps columns values from a CSV source file to an EntityType property. ##### Example @@ -498,16 +472,16 @@ Here are a few explanations: The `Users` property in the `CyberArk_Group` entity: - is written to the **Property1** attribute of the `CyberArk_Group_Members` - [ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) + [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) element. - is filled in by values from the `MemberId` column (written to the **Column2** attribute of the `CyberArk_Group_Members` - [](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) + [](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element) in the `C:/identitymanagerDemo/Temp/ExportOutput/CyberArk_members_Groups.csv` file. These values identify resources of type `CyberArk_User` by their `CyberArk_id` property (written to the **EntityPropertyMapping2** attribute of the -[](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +[](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element. ###### Groups/_CyberArk_User_ @@ -515,16 +489,16 @@ element. The `Groups` property in the `CyberArk_User` entity: - is written to the **Property2** attribute of the `CyberArk_Group_Members` - [ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) + [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) element). - is filled in by values from the _value_ column (written to the **Column1** attribute of the `CyberArk_Group_Members` - [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) + [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element) in the `C:/identitymanagerDemo/Temp/ExportOutput/CyberArk_members_Groups.csv` file. These values identify resources of type `CyberArk_Group` by their `CyberArk_id` property (written to the **EntityPropertyMapping1** attribute of the -[ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element). ## Display @@ -533,7 +507,7 @@ This step focuses on configuring a nice display for the synchronized list of res ### Navigation -A [ Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) can be added to +A [Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) can be added to include a link to the resources list in the left menu in the UI home screen. #### Parent menu item @@ -545,7 +519,7 @@ usually declared in the configuration root folder `Nav.xml` file. ``` - Conf/Nav.xml +**Conf/Nav.xml** ... @@ -588,7 +562,7 @@ describes how a single resource should be displayed. ``` - Conf/SCIMCyberArk/CyberArk UI.xml +**Conf/SCIMCyberArk/CyberArk UI.xml** ... @@ -626,7 +600,7 @@ configures the following list display: #### Internal display name An `InternalDisplayName` can also be declared as an -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression. The `InternalDisplayName` is used in several UI screens to identify a resource for the user. @@ -638,7 +612,7 @@ of the entity type is used. ``` - Conf/SCIMCyberArk/CyberArk UI.xml +**Conf/SCIMCyberArk/CyberArk UI.xml** ... ... @@ -652,9 +626,7 @@ adds the ```InternalDisplayName``` to the CyberArk_User entity type to be used b This step focuses on setting up permissions for Identity Manager's end-users granting them access to the connector. -The [Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) and [Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) elements define the [ -AccessControlPermission -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) for end-user profiles to read and write the connector's data (such as resources of a given entity type). It used by the UI when displaying data such as resources and available roles. +The [Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) and [Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) elements define the [AccessControlPermission](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) for end-user profiles to read and write the connector's data (such as resources of a given entity type). It used by the UI when displaying data such as resources and available roles. It is strongly recommended that permissions be written to a new file. For example, the administrator profile permissions can be written to the ```CyberArk Profile Administrator.xml``` file. @@ -691,7 +663,7 @@ scaffolding. ``` - Conf/SCIMCyberArk/SCIM CyberArk Jobs.xml +**Conf/SCIMCyberArk/SCIM CyberArk Jobs.xml** ... @@ -710,22 +682,16 @@ Incremental synchronization can be configured with the following scaffolding. Se The execution of a Job entails execution of Tasks, reading/writing to the Database and sending files over to the Server. These operations are protected by an authorization mechanism. -To complete a Job, the Agent, via the [ -Usercube-Invoke-Job -](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) uses: +To complete a Job, the Agent, via the [Usercube-Invoke-Job](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) uses: -- A [ - Profile - ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) associated with the Job itself to read/write: +- A [Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) associated with the Job itself to read/write: - ```UJ_Jobs``` and ```UJ_Tasks``` tables in a list of tasks - ```UJ_JobInstances``` tables in the progress report - a Profile for each Task, to read/write ```UJ_TaskInstances``` tables (Progress Report) and perform other operations such as sending export files over to the Server. Each Profile must be assigned the right permissions for the associated Job or Task to perform. -Every request from Agent to Server within the execution of a Job needs to be authenticated with an [ -OpenIdClient -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair, linked to a Profile. +Every request from Agent to Server within the execution of a Job needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair, linked to a Profile. #### Create a profile @@ -741,7 +707,7 @@ Here, we focus on creating one profile, used by the Job and every Task of the Jo As the Principle of Least Privilege states, Netwrix Identity Manager (formerly Usercube)strongly recommends that you create a -[ Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) to be used during +[Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) to be used during the Synchronization jobs which will be different from the one used during the Provisioning job. This contributes to separating access rights. The same principle applied even more rigorously would make Identity Manager create one profile per @@ -750,7 +716,7 @@ Task. It isn't necessary as most Synchronization tasks require the same permissi #### Grant synchronization access rights to the profile For an Agent to launch server-side Tasks from the Job via the -[ Usercube-Invoke-Job ](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md), the profile linked to +[Usercube-Invoke-Job](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md), the profile linked to these tasks and used by the tool should be authorized to execute said tasks. Server-side Tasks for a simple Synchronization job usually are: @@ -777,9 +743,9 @@ Required permissions are: - `/Connectors/SynchronizeSession` Granting access can be done via the -[ SynchronizationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) +[SynchronizationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) scaffolding and -the[ Job View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) +the[Job View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) scaffolding. The following examples (or similar) should be written to `Conf/Profile AgentSychro.xml`. @@ -805,14 +771,14 @@ with the following access rights: - `/Jobs/RunJob/Launch` This can be done via the -[ Job Execution Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) +[Job Execution Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) scaffolding. ##### Example ``` - Conf/Profile AgentSychro.xml +**Conf/Profile AgentSychro.xml** ... ... @@ -821,13 +787,9 @@ scaffolding. #### Declare usable ClientId/Secret pairs in the configuration -An Agent's [ -Profile -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) is associated with a ```ClientId/Secret``` pair used by the Agent to authenticate to the Server. +An Agent's [Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) is associated with a ```ClientId/Secret``` pair used by the Agent to authenticate to the Server. -Usable ```ClientId/Secret``` pairs are written to the database from the xml configuration using the [ -OpenIdClient -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) xml element. +Usable ```ClientId/Secret``` pairs are written to the database from the xml configuration using the [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) xml element. It is strongly recommended that you write the `````` xml element to a new or existing ```OpenIdClients.xml``` file in the configuration root folder. @@ -835,9 +797,7 @@ The ```ClientId/Secret``` pair hence created must be associated with the profile ##### __Example__ -The following example creates a ```ClientId/Secret``` pair to be used by the Agent to authenticate to the Server and complete Jobs. The secret is hashed with the [ -Usercube-New-OpenIDSecret -](/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md) tool. +The following example creates a ```ClientId/Secret``` pair to be used by the Agent to authenticate to the Server and complete Jobs. The secret is hashed with the [Usercube-New-OpenIDSecret](/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md) tool. ``` @@ -880,7 +840,7 @@ scheduler. #### With Identity Manager's scheduler -Use the [ Job ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) CronTab Expression attribute. +Use the [Job](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) CronTab Expression attribute. > This example uses Identity Manager's scheduler to execute the > `CyberArk_Synchronize_Complete_Manually` job every fifteen minutes: @@ -902,7 +862,7 @@ For more details about checking Crontab expressions, see the #### With an external scheduler An external scheduler would rely on the -[ Usercube-Invoke-Job ](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) tool. +[Usercube-Invoke-Job](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) tool. ##### Example @@ -922,9 +882,7 @@ using the "Job/secret" authentication pair to connect to the Identity Manager S ### Deploy configuration -The configuration is written to the database using the [ -Deploy Configuration Task -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) tool. +The configuration is written to the database using the [Deploy Configuration Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) tool. ### Test diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md index fd2f0486b0..a73aa1e0f0 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md @@ -33,7 +33,7 @@ have an entity property with exactly `type` as identifier: ``` - +**** ``` @@ -41,7 +41,7 @@ And to map it in the `Entitlements` entity type mapping: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/sharepoint-export/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/sharepoint-export/index.md index 645816b4ba..aa55d18e2b 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/sharepoint-export/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/sharepoint-export/index.md @@ -43,7 +43,7 @@ needs to be owner of the site. This step sets up the Identity Manager Agent in order to use the SharePoint connector and access the SharePoint data. -This guide focuses on the [ Architecture ](/docs/identitymanager/saas/integration-guide/architecture/index.md) method. Remember that +This guide focuses on the [Architecture](/docs/identitymanager/saas/integration-guide/architecture/index.md) method. Remember that settings can also be input through architecture. #### Connect to the SharePoint instance @@ -94,7 +94,7 @@ configuration, and only then, switching to a more secure way of storing credenti ##### Set up export files The export generates CSV source files that will be fed to the -[ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) task. +[Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) task. The target path for these files can be set up using the following settings: @@ -105,7 +105,7 @@ The target path for these files can be set up using the following settings: ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "SharePointExportContoso": { "Server": "https://contoso.sharepoint.com/", "Login": "usercube.service@contoso.com", "Password": "19f23f48379d50a9a50b8c" } } } @@ -179,7 +179,7 @@ configuration and linked to an Agent. See the It is strongly recommended that the applicative configuration be stored in the working directory `Conf` folder as a set of `xml` files organized by connector. See -the[ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) +the[Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) topic for additional information. - In the `Conf` folder, create a `SharePoint` directory. @@ -188,7 +188,7 @@ topic for additional information. This file should contain the declaration of the connector and the associated [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md). -- Use the [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)element to +- Use the [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)element to declare the connector with the following attributes: - **Identifier** identifies this connector in the applicative configuration. See the @@ -224,17 +224,17 @@ topic for additional information. The exported data to be written to the resource repository must be aligned with the [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md). See -the[ Identity Management ](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md)topic +the[Identity Management](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md)topic for additional information. The [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) should match as closely as possible the structure of the SharePoint data relevant for Identity Manager. It is designed by analyzing the SharePoint data structure, and describing said data with [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) and an -[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). Eventually, it is up to the integration team to design the [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) that best serves the -[ Assignment Policy ](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) needs. It will be refined +[Assignment Policy](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) needs. It will be refined iteratively throughout the project phase. A good starting point for the Entity Model is to mirror the shape of the exported SharePoint @@ -264,7 +264,7 @@ and the following attributes: ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... ... @@ -299,14 +299,14 @@ SharePoint. [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) types are associated through their navigation properties with -[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) elements. ##### Example ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... @@ -320,29 +320,19 @@ elements. ```` -The exact nature of the IDs are described by the associated [ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). +The exact nature of the IDs are described by the associated [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). -Notice the format of the __Property1__ and __Property2__ xml attributes: the name of the entity type is followed by ```:``` and the name of an entity property. It is a [ -Binding -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) describing in one expression, the target entity type and property. +Notice the format of the __Property1__ and __Property2__ xml attributes: the name of the entity type is followed by ```:``` and the name of an entity property. It is a [Binding](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) describing in one expression, the target entity type and property. ### Create mapping The entity type must be mapped property by property to the exported attributes of SharePoint objects (namely, the columns of the CSV source files generated by the export). -The [ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), [ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), and Entity Type Mapping elements serve this purpose. +The [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), and Entity Type Mapping elements serve this purpose. #### Entity type mapping -The [ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element maps the scalar properties from the CSV source file to an entity type. +The [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element maps the scalar properties from the CSV source file to an entity type. The CSV source file path is written to the ```ConnectionTable``` xml attribute. The target entity type name is written to the ```Identifier``` xml attribute. @@ -356,7 +346,7 @@ The CSV source file path is written to the ```ConnectionTable``` xml attribute. ```` To do so, the entity type mapping element uses the -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) element with the `` tag. This maps the CSV column from `ConnectionColumn` to the target EntityType property which is written to the **Identifier** attribute. @@ -364,7 +354,7 @@ EntityType property which is written to the **Identifier** attribute. ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... @@ -405,19 +395,9 @@ As a result, after synchronization, the ```UR_Resource``` table will be updated #### Entity association mapping -The [ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element maps the navigation properties used in [ -Entity Association -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +The [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element maps the navigation properties used in [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). -An [ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element refers to an [ -Entity Association -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) written to the ```Identifier``` xml attribute. Then, like [ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), it maps column values from a CSV source file to an EntityType property. +An [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) element refers to an [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) written to the ```Identifier``` xml attribute. Then, like [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), it maps column values from a CSV source file to an EntityType property. ##### Example @@ -435,7 +415,7 @@ This step focuses on configuring a nice display for the synchronized list of res ### Nav -A [ Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) can be added to +A [Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) can be added to include a link to the resources list in the left menu on the UI home screen. #### Parent menu item @@ -447,7 +427,7 @@ items. This is usually declared in the `Nav.xml` file in the configuration root ``` - Conf/Nav.xml +**Conf/Nav.xml** ... @@ -488,7 +468,7 @@ describes how a single resource should be displayed. ``` - Conf/SharePoint/SharePoint UI.xml +**Conf/SharePoint/SharePoint UI.xml** ... @@ -538,7 +518,7 @@ of the entity type is used. ``` - Conf/SharePoint/SharePoint Connector.xml +**Conf/SharePoint/SharePoint Connector.xml** ... @@ -558,9 +538,7 @@ This example adds the ```InternalDisplayName``` to the ```SharePoint_Entity```, This step focuses on setting up permissions for Identity Manager's end-users granting them access to the connector. -The [Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) and [Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) elements define [ -AccessControlPermission -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) for end-user profiles to read and write the connector's data (such as resources of a given entity type). It is used by the UI when displaying data such as resources and available roles. +The [Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) and [Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) elements define [AccessControlPermission](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) for end-user profiles to read and write the connector's data (such as resources of a given entity type). It is used by the UI when displaying data such as resources and available roles. It is strongly recommended that permissions be written to a new file. For example, the administrator profile permissions can be written to the ```SharePoint Profile Administrator.xml``` file. @@ -593,7 +571,7 @@ other related operations. ``` - Conf/SharePoint/SharePoint Jobs.xml +**Conf/SharePoint/SharePoint Jobs.xml** ... @@ -606,9 +584,7 @@ Notice the __Agent__ attribute that contains the name of the Agent which execute ### Components -The[ -Upward Data Synchronization -](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md)job includes three steps: +The[Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md)job includes three steps: - Export - Prepare-Synchro @@ -632,9 +608,9 @@ The execution of a Job entails execution of Tasks, reading/writing to the Databa over to the Server. These operations are protected by an authorization mechanism. To complete a Job, the Agent, via -the[ Usercube-Invoke-Job ](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) uses: +the[Usercube-Invoke-Job](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) uses: -- a [ Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) associated with +- a [Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) associated with the Job itself, to read/write: - `UJ_Jobs` and `UJ_Tasks` tables in a list of tasks - `UJ_JobInstances` tables in the progress report @@ -644,7 +620,7 @@ the[ Usercube-Invoke-Job ](/docs/identitymanager/saas/integration-guide/executab Each Profile must be assigned the right permissions for the associated Job or Task to perform. Every request from Agent to Server within the execution of a Job needs to be authenticated with an -[ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect +[OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a Profile. #### Create a profile @@ -653,23 +629,19 @@ Here, we focus on creating one profile, used by the Job and every Task of the Jo ``` - Conf/Profile AgentJob.xml +**Conf/Profile AgentJob.xml** ... ... ```` -As the Principle of Least Privilege states, Netwrix Identity Manager (formerly Usercube) strongly recommends that you create a[ -Profile -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) to be used during the Synchronization jobs which will be different from the one used during the Provisioning job. This contributes to separating access rights. +As the Principle of Least Privilege states, Netwrix Identity Manager (formerly Usercube) strongly recommends that you create a[Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) to be used during the Synchronization jobs which will be different from the one used during the Provisioning job. This contributes to separating access rights. The same principle applied even more rigorously would make Identity Manager create one profile per Task. It isn't necessary as most Synchronization tasks require the same permissions. #### Grant synchronization access rights to the profile -For an Agent to launch server-side Tasks from the Job via the [ -Usercube-Invoke-Job -](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) tool, the profile linked to these tasks and used by the tool should be authorized to execute said tasks. +For an Agent to launch server-side Tasks from the Job via the [Usercube-Invoke-Job](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) tool, the profile linked to these tasks and used by the tool should be authorized to execute said tasks. Server-side Tasks for a simple Synchronization job usually are: @@ -694,11 +666,7 @@ __Synchronization and Prepare-Synchronization__ - ```/Connectors/Connector/Query``` - ```/Connectors/SynchronizeSession``` -Granting access can be done via the [ -SynchronizationAccessControlRules -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) and the [ -Job View Access Control Rules -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md). +Granting access can be done via the [SynchronizationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) and the [Job View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md). The following examples should be written to ```Conf/Profile AgentSychro.xml```. @@ -718,7 +686,7 @@ with the following access rights: - `/Jobs/RunJob/Launch` This can be done via -the[ Job Execution Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) +the[Job Execution Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) scaffolding. ##### Example @@ -730,13 +698,9 @@ scaffolding. #### Declare usable ClientId/Secret pairs in the configuration -An Agent's a[ -Profile -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md)is associated with a ```ClientId/Secret``` pair used by the Agent to authenticate to the Server. +An Agent's a[Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md)is associated with a ```ClientId/Secret``` pair used by the Agent to authenticate to the Server. -Usable ```ClientId/Secret``` pairs are written to the database from the xml configuration using the [ -OpenIdClient -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) xml element. +Usable ```ClientId/Secret``` pairs are written to the database from the xml configuration using the [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) xml element. It is strongly recommended to write the `````` xml element to a new or existing ```OpenIdClients.xml``` file in the configuration root folder. @@ -744,9 +708,7 @@ The ```ClientId/Secret``` pair hence created must be associated with the profile ##### __Example__ -The following example creates a ```ClientId/Secret``` pair to be used by the Agent to authenticate to the Server and complete Jobs. The secret is hashed with the[ -Usercube-New-OpenIDSecret -](/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md) tool. +The following example creates a ```ClientId/Secret``` pair to be used by the Agent to authenticate to the Server and complete Jobs. The secret is hashed with the[Usercube-New-OpenIDSecret](/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md) tool. ``` @@ -759,7 +721,7 @@ Usercube-New-OpenIDSecret ``` - Conf/OpenIdClients.xml +**Conf/OpenIdClients.xml** ... @@ -801,9 +763,7 @@ Scheduling the job execution can rely either on Identity Manager's scheduler or #### With Scheduler -Use the [ -Job -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) attribute. +Use the [Job](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) attribute. > This example uses Identity Manager's scheduler to execute the ```SharePoint_Synchronization_Delta``` job every fifteen minutes: > @@ -819,9 +779,7 @@ For more details about checking Crontab expressions, see the [crontab.guru](http #### With an external scheduler -An external scheduler would rely on the [ -Usercube-Invoke-Job -](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) tool. +An external scheduler would rely on the [Usercube-Invoke-Job](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) tool. ##### Example @@ -838,7 +796,7 @@ The following command can be scheduled. It executes the ```SharePoint_Synchroniz ### Deploy configuration The configuration is written to the database using the -[ Deploy Configuration Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md). +[Deploy Configuration Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md). ### Test diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md index 91129b9949..c838e485ef 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md @@ -7,7 +7,7 @@ sidebar_position: 100 # Write a PowerShell Script for Provisioning This guide shows how to write a PowerShell script used by the -[ PowerShellProv ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md) connector. +[PowerShellProv](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md) connector. ## Structure of a PowerShell Script @@ -87,8 +87,7 @@ The previous parameter `$order` is an object corresponding to the following prov ``` { - "ProvisioningOrdersList": [ - { + "ProvisioningOrdersList": [{ "AssignedResourceTypeId": "3930001", "ChangeType": "Added", "WorkflowInstanceId": "81", @@ -119,8 +118,7 @@ The previous parameter `$order` is an object corresponding to the following prov "firstName": "James", "lastName": "Bond" } - } - ] + }] } ``` @@ -185,7 +183,7 @@ This is the last part of the function: ``` -Define how to send logs to Identity Manager +**Define how to send logs to Identity Manager** The three methods to log in Identity Manager are: @@ -199,7 +197,7 @@ Now that the function has been defined, the main code of the script can be writt ### Write the main code of the script -Read the options parameter from the standard input +**Read the options parameter from the standard input** The options parameter isn't mandatory in the JSON file. If it isn't provided, don't perform this step. @@ -213,7 +211,7 @@ $options.Message # -> Hello ``` -Rest of the main script +**Rest of the main script** In general, this part contains the code to connect to the external system and executes the `Usercube-Visit-Orders` script. diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md index 61c533df8c..258cd78077 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md @@ -7,7 +7,7 @@ sidebar_position: 130 # Write a Robot Framework Script This guide shows how to write a Robot Framework script that will be used by -[ Robot Framework ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md). +[Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md). ## Structure of a Robot Framework Script @@ -160,7 +160,7 @@ for additional information. | Keyword | Details | | -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----- | ------- | | Catch Keyword | **Arguments** `Keyword`: Keyword `*args` **Description** Launches `Keyword` with the given arguments `*args` if the keyword launched by `Try Keyword` failed. If `Try Keyword` was not called, this keyword will not do anything. `Catch Keyword` should always be called right after `Try Keyword`. **Example** Try to connect to `Usercube.com`. If the connection fails, restart the browser and try to connect to `Usercube.com`: `Connect to URL Try Keyword Go To Usercube.com Catch Keyword Restart Browser At URL Usercube.com` | -| Generate Password | **Description** Generates a password based on the [ Password Reset Settings ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) associated to the [Resource Type Mappings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/index.md) being provisioned. `Send Password Notification` should always be called after `Generate Password`, preferably right after the password is used. If `Send Password Notification` is not called before the provisioning of the resource is over, it will automatically be called. If multiple passwords should be generated, `Send Password Notification` should be called after each password generation. **Returns** `Password`: string | +| Generate Password | **Description** Generates a password based on the [Password Reset Settings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) associated to the [Resource Type Mappings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/index.md) being provisioned. `Send Password Notification` should always be called after `Generate Password`, preferably right after the password is used. If `Send Password Notification` is not called before the provisioning of the resource is over, it will automatically be called. If multiple passwords should be generated, `Send Password Notification` should be called after each password generation. **Returns** `Password`: string | | Get Secure Data | **Arguments** `Attribute`: string `Erase Data`: boolean **Description** Retrieves the secured option `Attribute` from the connector configuration. If `Erase Data` is set to true, the secured option is deleted once it is read. **Example** Get Login option and erase it: ```Get Secure Data | Login | True``` | | Launch Provisioning | **Description** Launches the provisioning defined by the provisioning orders. This keyword is required for any provisioning to happen. | | Log Debug | **Arguments** `Message`: string **Description** Logs `Message` at the `Debug` log level. **Example** Log a keyword failure message: `Log Debug The keyword has failed` | @@ -295,7 +295,7 @@ and `Generate Password` are exceptions. prompt. As an example, if the script requires a `Login` and `Password` attribute : `{"Login":"login","Password":"password"}` - `Generate Password`: This keyword expects a file that contains the - [ Password Reset Settings ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) + [Password Reset Settings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) associated to the provisioned [Resource Type Mappings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/index.md). The easiest way to enable the `Generate Password` keyword is as follow: @@ -369,7 +369,7 @@ We define all the custom functions which we will use to provision the external s - `Write Header`: defines the header to write in the CSV and calls `Write Data` to write it. - `Open Telnet Connection`: opens the Telnet connection to the external system using the login and the password defined in the - [ Robot Framework ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md) attribute in + [Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md) attribute in `appsettings.agent.json`, as well as the IP address defined in the `Variables` section. ``` diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-sync-powershell-script/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-sync-powershell-script/index.md index 0b6e9d3abf..ef507008ce 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-sync-powershell-script/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-sync-powershell-script/index.md @@ -7,6 +7,6 @@ sidebar_position: 110 # Write a PowerShell Script for Synchronization This guide shows how to write a PowerShell script used by the -[ PowerShellSync ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellsync/index.md) connector. +[PowerShellSync](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellsync/index.md) connector. The documentation is not yet available for this page and will be completed in the near future. diff --git a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-ticket-template/index.md b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-ticket-template/index.md index 66d4010a0b..5aeab453a1 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-ticket-template/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-ticket-template/index.md @@ -64,7 +64,7 @@ messages can be shown if several changes meet the condition. Please create a resource "{{ResourceType}}" for user {{Username}}. -For more information on the user, see: {{UsercubeProfileLink}} +**For more information on the user, see: {{UsercubeProfileLink}}** {{#ifCond ProvisioningOrder.ChangeType '==' 'Deleted'}} To delete the account, please contact the IT team. diff --git a/docs/identitymanager/saas/integration-guide/connectors/index.md b/docs/identitymanager/saas/integration-guide/connectors/index.md index dcee6e2af7..407e53252c 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/index.md @@ -89,7 +89,7 @@ Identity Manager's connectors all operate on the same basic principles. Technica - A connection describes the technology used that enables data to flow back and forth between Identity Manager and the managed system; See the - [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional + [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. > We want to use a connection `Directory/Active Directory` to perform synchronization and @@ -113,7 +113,7 @@ Identity Manager's connectors all operate on the same basic principles. Technica - The intent of resources within the managed system is made clear by categorizing resources into resource types. See the [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) and - [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topics for additional + [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topics for additional information. > We categorize AD resources into distinct resource types: `AD User (nominative)` for basic @@ -144,7 +144,7 @@ for additional information. | Connector | Description | Synchronization | Provisioning | | ------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- | ------------ | | Active Directory | Exports and fulfills data from/to an Active Directory instance. See the [Active Directory](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/activedirectory/index.md) topic for additional information. | √ | √ | -| Azure | Exports Azure resources, role definitions and role assignments. See the [ Azure ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/azure/index.md) topic for additional information. | √ | X | +| Azure | Exports Azure resources, role definitions and role assignments. See the [Azure](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/azure/index.md) topic for additional information. | √ | X | | Microsoft Entra ID (formerly Microsoft Azure AD) | Exports and fulfills data from/to a Microsoft Entra ID instance. See the Microsoft Entra ID, [For Microsoft Entra ID](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/create-connector/entra-ID/index.md), and [For Microsoft Entra ID](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/setup-incremental-sync/entra-ID/index.md) topics for additional information. | √ | X | | CSV | Exports data from a CSV file. See the [CSV](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/index.md) topic for additional information. | √ | X | | EasyVista | Exports data from an EasyVista-compliant system. See the [EasyVista](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvista/index.md) topic for additional information. | √ | √ | @@ -160,9 +160,9 @@ for additional information. | Microsoft Exchange | Exports data from a Microsoft Exchange instance. See the [Microsoft Exchange](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftexchange/index.md) topic for additional information. | √ | √ | | OData | Exports entities from an OData instance. See the [OData](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/odata/index.md) topic for additional information. | √ | X | | OpenLDAP | Exports and fulfills from/to an OpenLDAP directory. See the [OpenLDAP](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/openldap/index.md) topic for additional information. | √ | √ | -| PowerShell | Executes PowerShell scripts to generate CSV source files from otherwise unsupported sources. See the [PowerShellProv](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md), [Write a PowerShell Script for Provisioning](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md), and [ Fulfill Microsoft Exchange via PowerShell ](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/powershell-fulfill/index.md) topics for additional information. | X | √ | +| PowerShell | Executes PowerShell scripts to generate CSV source files from otherwise unsupported sources. See the [PowerShellProv](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md), [Write a PowerShell Script for Provisioning](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-powershell-script/index.md), and [Fulfill Microsoft Exchange via PowerShell](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/powershell-fulfill/index.md) topics for additional information. | X | √ | | RACF | Exports data from a RACF file. See the [RACF](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/racf/index.md) topic for additional information. | √ | X | -| Robot Framework | Executes Robot Framework scripts to fulfill data to external systems. See the [Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md), [ Write a Robot Framework Script ](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md), [Interact with a Web Page via Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/interact-web-page-robotframework/index.md), and [Interact with a GUI Application via Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/interact-gui-robotframework/index.md) topics for additional information. | X | √ | +| Robot Framework | Executes Robot Framework scripts to fulfill data to external systems. See the [Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md), [Write a Robot Framework Script](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/write-fulfill-robotframework-script/index.md), [Interact with a Web Page via Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/interact-web-page-robotframework/index.md), and [Interact with a GUI Application via Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/interact-gui-robotframework/index.md) topics for additional information. | X | √ | | SAP | Exports and fulfills data from/to an SAP system. See the [SAP Netweaver](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sapnetweaver/index.md) topic for additional information. | √ | X | | SAP ERP 6.0 | Exports and fulfills data from/to an SAP ERP 6.0 system. See the [SAP ERP 6.0 and SAP S4/HANA](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/saperp6/index.md) topics for additional information. | √ | √ | | SCIM | Exports and fulfills data from/to a SCIM-compliant web application. See the [SCIM](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/scim/index.md), [Export CyberArk Data via SCIM ](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/scim-cyberark-export/index.md) and [ Provision Salesforce Users' Profiles via SCIM](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/scim-salesforce-provisioning-entitlements/index.md) topics for additional information. | √ | √ | @@ -171,6 +171,6 @@ for additional information. | SharedFolder | Scans a Windows file directory and exports a list of folders, files, users and their associated permissions. See the [SharedFolders](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharedfolder/index.md) topic for additional information. | √ | X | | SharePoint | Exports a SharePoint's list of objects, users, groups, roles and their relationships. See the [SharePoint](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharepoint/index.md) and [Set up SharePoint's Export and Synchronization](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/sharepoint-export/index.md) topics for additional information. | √ | √ | | SQL | Exports data from various Database Management Systems. See the [Sql](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/index.md) topic for additional information. | √ | X | -| SQL Server Entitlements | Exports server and database principals from Microsoft SQL Server. See the [ Sql Server Entitlements ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md) topic for additional information. | √ | X | -| Top Secret | Exports the Top Secret (TSS) users and profiles. See the [ Top Secret ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/topsecret/index.md) topic for additional information. | √ | X | -| Workday | Exports data from a Workday instance. See the [ Workday ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/workday/index.md) topic for additional information. | √ | X | +| SQL Server Entitlements | Exports server and database principals from Microsoft SQL Server. See the [Sql Server Entitlements](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md) topic for additional information. | √ | X | +| Top Secret | Exports the Top Secret (TSS) users and profiles. See the [Top Secret](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/topsecret/index.md) topic for additional information. | √ | X | +| Workday | Exports data from a Workday instance. See the [Workday](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/workday/index.md) topic for additional information. | √ | X | diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/activedirectory/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/activedirectory/index.md index 9685645729..8e3824d208 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/activedirectory/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/activedirectory/index.md @@ -116,12 +116,11 @@ The identifier of the connection and thus the name of the subsection must: >                     "Connections": { >                     "ADExport": { >                     "Filter": "(objectclass=*)", ->                     "Servers": [ ->                     { +>                     "Servers": [>                     { >                     "Server": "contoso.server.com", >                     "BaseDN": "DC=contoso,DC=com" >                     } ->                     ], +>], >                     "AuthType": "Basic", >                     "AsAdLds": false, >                     "EnableSSL": true, @@ -158,16 +157,19 @@ This connector is meant to generate: ConnectionColumn and each property without it but used in an entity association; Any property can be exported in a specific format when specified. See the - [ References: Format for the EntityPropertyMapping ](/docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/index.md) + [References: Format for the EntityPropertyMapping](/docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/index.md) topic for additional information. - An additional file for each related table other than entries; - A cookie file named ``\_cookie.bin, containing the time of the last export in order to perform incremental exports. - **NOTE:** Most exports can be run in complete mode, where the CSV files will contain all + :::note + Most exports can be run in complete mode, where the CSV files will contain all entries, or in incremental mode, where CSV files will contain only the entries which have been modified since the last synchronization. + ::: + A task can use the IgnoreCookieFile boolean property, and a command line (with an executable) can use the option --ignore-cookies. @@ -235,8 +237,7 @@ written to the same CSV file. >                     ... >                     "Connections": { >                     "ADExport": { ->                     "Servers": [ ->                     { +>                     "Servers": [>                     { >                     "Server": "", >                     "BaseDN": "" >                     }, @@ -244,7 +245,7 @@ written to the same CSV file. >                     "Server": "", >                     "BaseDN": "" >                     } ->                     ], +>], >                     "AuthType": "", >                     "Login": "", >                     "Password": "", @@ -282,12 +283,11 @@ Same as for export, fulfill is configured through connections. >                     "Connections": { >                     ... >                     "ADFulfillment": { ->                     "Servers": [ ->                     { +>                     "Servers": [>                     { >                     "Server": "", >                     "BaseDN": "" >                     } ->                     ], +>], >                     "AuthType": "Basic", >                     "AsAdLds": "true", >                     "EnableSSL": true, @@ -337,16 +337,14 @@ appsettings.agent.json                 "Connections": {                 ...                 "ADFulfillment": { -                "Servers": [ -                { +                "Servers": [{                 "Server": "",                 "BaseDN": ""                 },                 {                 "Server": "",                 "BaseDN": "" -                } -                ], +                }],                 "AuthType": "Basic",                 "Login": "",                 "Password": "", @@ -400,7 +398,7 @@ topic for additional information on how to configure password reset settings. Data protection can be ensured through: - RSA encryption, configured in the appsettings.encrypted.agent.json file. See the - [ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) + [RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) topic for additional information. - An Azure Key Vault safe; See the [Azure Key Vault](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/azure/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/azure/index.md index f6d82a091f..202b260ea1 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/azure/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/azure/index.md @@ -10,7 +10,7 @@ This connector exports [Azure](https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-azure) resources, role definitions and assignments. -This page is about [ Azure ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/azure/index.md). +This page is about [Azure](/docs/identitymanager/saas/integration-guide/connectors/references-packages/azure/index.md). ![Package: Cloud/Azure](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/azure/packages_azure_v603.webp) @@ -28,12 +28,12 @@ and role assignments to CSV files. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` - appsettings.agent.json +**appsettings.agent.json** { ... "Connections": { ... "": { ... } } } @@ -130,9 +130,7 @@ This connector does not reset passwords. Data protection can be ensured through: -- [ - RSA Encryption - ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) configured in the ```appsettings.encrypted.agent.json``` file; +- [RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) configured in the ```appsettings.encrypted.agent.json``` file; - An [Azure Key Vault](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) safe; - A [CyberArk's AAM Credential Providers diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/index.md index cb63b72be9..70e9020243 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/index.md @@ -8,7 +8,7 @@ sidebar_position: 40 This connector exports data from a [CSV file](https://en.wikipedia.org/wiki/Comma-separated_values). -This page is about [ CSV ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/csv/index.md). +This page is about [CSV](/docs/identitymanager/saas/integration-guide/connectors/references-packages/csv/index.md). ![Package: File/CSV](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/packages_csv_v603.webp) @@ -28,7 +28,7 @@ Identity Manager's format. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -65,10 +65,9 @@ The identifier of the connection and thus the name of the subsection must: > "Separator": ";", > "IsFileNameRegex": true, > "NumberOfLinesToSkip": 1, -> "ValuesToTrim": [ -> "*", +> "ValuesToTrim": [> "*", > "%" -> ] +>] > } > } > } @@ -81,7 +80,89 @@ The identifier of the connection and thus the name of the subsection must: | Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | | PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | | IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | -| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `$` first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | +| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `--- +title: "CSV" +description: "CSV" +sidebar_position: 40 +--- + +# CSV + +This connector exports data from a [CSV file](https://en.wikipedia.org/wiki/Comma-separated_values). + +This page is about [CSV](/docs/identitymanager/saas/integration-guide/connectors/references-packages/csv/index.md). + +![Package: File/CSV](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/packages_csv_v603.webp) + +## Overview + +Files in CSV format are commonly used to store information. + +## Prerequisites + +Implementing this connector requires the source file to be in CSV format. + +## Export + +This export copies the information found in a CSV file and transforms it into a new CSV file in the +Identity Manager's format. + +### Configuration + +This process is configured through a +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +the XML configuration, and in the `appsettings.agent.json > Connections` section: + +``` +appsettings.agent.json +{ + ... + "Connections": { + ... + "": { + ... + } + } +} +``` + +The identifier of the connection and thus the name of the subsection must: + +- be unique. +- not begin with a digit. +- not contain `<`, `>`, `:`, `"`, `/`, `\`, `|`, `?`, `*` and `_`. + +> For example: +> +> ``` +> appsettings.agent.json +> { +> ... +> "Connections": { +> ... +> "HRContoso": { +> "Path": "C:/identitymanagerContoso/Contoso/hr_conto(.*?).csv", +> "PathIncremental": "C:/identitymanagerContoso/Contoso/hr_delta_conto(.*?).csv", +> "Encoding": "UTF-16", +> "Separator": ";", +> "IsFileNameRegex": true, +> "NumberOfLinesToSkip": 1, +> "ValuesToTrim": [> "*", +> "%" +>] +> } +> } +> } +> ``` + +#### Setting attributes + +| Name | Details | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | +| PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | +| IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | + first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | | Encoding default value: UTF-8 | **Type** String **Description** Encoding of the input file. [See the list of available encodings](https://learn.microsoft.com/en-us/dotnet/api/system.text.encoding#see-the-list-of-available-encodings). | | NumberOfLinesToSkip default value: 0 | **Type** Int32 **Description** Number of lines to skip in order to reach the line used as data header. | @@ -113,8 +194,8 @@ This connector does not reset passwords. ### Credential protection This connector has no credential attributes, and therefore does not use -[](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), -nor a [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md). +[](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), +nor a [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md). Still, data protection can be ensured through an -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvista/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvista/index.md index d3738b4d88..d0d12ef89b 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvista/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvista/index.md @@ -39,7 +39,7 @@ It can also export any custom entity, provided that a view exists for it in Easy ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -218,9 +218,9 @@ topic to find out more on how to configure password reset settings. Data protection can be ensured through: -- [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), +- [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; - A [CyberArk's AAM Credential Providers ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md) diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvistaticket/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvistaticket/index.md index e07bde6746..6615ffc5af 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvistaticket/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvistaticket/index.md @@ -10,7 +10,7 @@ This connector opens tickets in [EasyVista](https://wiki.easyvista.com/xwiki/bin/view/Documentation/?language=en) for manual provisioning. -This page is about [ EasyVista Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/easyvistaticket/index.md). +This page is about [EasyVista Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/easyvistaticket/index.md). ![Package: Ticket/EasyVista](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvistaticket/packages_easyvistaticket_v603.webp) @@ -34,7 +34,7 @@ Implementing this connector requires: ## Export This connector exports some of EasyVista entities, see the export capabilities of the -[ EasyVista ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/easyvista/index.md) connector. Some entities cannot be +[EasyVista](/docs/identitymanager/saas/integration-guide/connectors/references-packages/easyvista/index.md) connector. Some entities cannot be exported. ## Fulfill @@ -49,7 +49,7 @@ resource accordingly. See the [Entitlement Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md) topic to find out more on how to configure password reset settings. -See the fulfill capabilities of the [ EasyVista ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvista/index.md) connector. +See the fulfill capabilities of the [EasyVista](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvista/index.md) connector. > For example: > @@ -76,9 +76,9 @@ topic to find out more on how to configure password reset settings. Data protection can be ensured through: -- [ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +- [RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; - a [CyberArk's AAM Credential Providers ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md) diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/excel/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/excel/index.md index f3033d30b6..e9b5aefcfe 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/excel/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/excel/index.md @@ -9,7 +9,7 @@ sidebar_position: 140 This connector exports datasheets from a [Microsoft Excel](https://www.microsoft.com/en-us/microsoft-365/excel) (XLSX) file. -This page is about [ Excel ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/excel/index.md). +This page is about [Excel](/docs/identitymanager/saas/integration-guide/connectors/references-packages/excel/index.md). ![Package: File/Microsoft Excel](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/excel/packages_excel_v603.webp) @@ -29,7 +29,7 @@ filtering out spreadsheets and trimming values if needed. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -63,19 +63,105 @@ The identifier of the connection and thus the name of the subsection must: > "Path": "C:/identitymanagerContoso/Contoso/hr_conto(.*?).xlsx", > "PathIncremental": "C:/identitymanagerContoso/Contoso/hr_delta_conto(.*?).xlsx", > "IsFileNameRegex": "true", -> "SheetOptions": [ +> "SheetOptions": [> { +> "SheetIgnored": "false", +> "NumberOfLinesToSkip": 1 +> }, > { +> "SheetIgnored": "true" +> } +>], +> "ValuesToTrim": [> "$", +> "%" +>] +> } +> } +> } +> ``` + +#### Setting attributes + +| Name | Details | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | +| PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | +| IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | +| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `--- +title: "Microsoft Excel" +description: "Microsoft Excel" +sidebar_position: 140 +--- + +# Microsoft Excel + +This connector exports datasheets from a +[Microsoft Excel](https://www.microsoft.com/en-us/microsoft-365/excel) (XLSX) file. + +This page is about [Excel](/docs/identitymanager/saas/integration-guide/connectors/references-packages/excel/index.md). + +![Package: File/Microsoft Excel](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/excel/packages_excel_v603.webp) + +## Overview + +Microsoft Excel files using the XLSX file format are commonly used to store information. + +## Prerequisites + +Implementing this connector requires the input file to be in the XLSX format. + +## Export + +This connector copies the information from an XLSX file into CSV files, one per spreadsheet, while +filtering out spreadsheets and trimming values if needed. + +### Configuration + +This process is configured through a +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +the XML configuration, and in the `appsettings.agent.json > Connections` section: + +``` +appsettings.agent.json +{ + ... + "Connections": { + ... + "": { + ... + } + } +} +``` + +The identifier of the connection and thus the name of the subsection must: + +- be unique. +- not begin with a digit. +- not contain `<`, `>`, `:`, `"`, `/`, `\`, `|`, `?`, `*` and `_`. + +> For example: +> +> ``` +> appsettings.agent.json +> { +> ... +> "Connections": { +> ... +> "HRContoso": { +> "Path": "C:/identitymanagerContoso/Contoso/hr_conto(.*?).xlsx", +> "PathIncremental": "C:/identitymanagerContoso/Contoso/hr_delta_conto(.*?).xlsx", +> "IsFileNameRegex": "true", +> "SheetOptions": [> { > "SheetIgnored": "false", > "NumberOfLinesToSkip": 1 > }, > { > "SheetIgnored": "true" > } -> ], -> "ValuesToTrim": [ -> "$", +>], +> "ValuesToTrim": [> "$", > "%" -> ] +>] > } > } > } @@ -88,7 +174,7 @@ The identifier of the connection and thus the name of the subsection must: | Path Required if PathIncremental is not defined. | **Type** String **Description** Path of the input file to be used for complete synchronization. | | PathIncremental Required if Path is not defined. | **Type** String **Description** Path of the input file to be used for incremental synchronization. | | IsFileNameRegex optional | **Type** Boolean **Description** `True` to enter a regex instead of a normal string for `Path` and `PathIncremental`. **Note:** if several files correspond to the regex, then the export will use the last created file. **Info:** useful when the filename is only partially known, for example when using a generated file. | -| ValuesToTrim optional | **Type** String List **Description** Ordered list of the characters to trim at the beginning and at the end of the headers and values of the input file. **Note:** the second value will be trimmed after the first, the order is important. **Example** When writing `$` first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | + first and then `%` in `ValuesToTrim`, then "$%I am an example$%" becomes "I am an example$". | | | | | --- | --- | | SheetOptions optional | **Type** Sheet Option List **Description** List of options for each sheet of the input file. The first element of the list sets the options for the first sheet, the second element for the second sheet, etc. | @@ -133,7 +219,7 @@ This connector does not reset passwords. ### Credential protection This connector has no credential attributes, and therefore does not use -[ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), nor +[RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), nor a [CyberArk's AAM Credential Providers ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)Vault. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/googleworkspace/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/googleworkspace/index.md index 2f32bda5f6..1d1ea03c33 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/googleworkspace/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/googleworkspace/index.md @@ -9,7 +9,7 @@ sidebar_position: 70 This connector exports and fulfills users and groups from/to a [Google Workspace](https://developers.google.com/workspace) instance. -This page is about [ Google Workspace ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/googleworkspace/index.md). +This page is about [Google Workspace](/docs/identitymanager/saas/integration-guide/connectors/references-packages/googleworkspace/index.md). ![Package: Directory/Google Workspace](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/googleworkspace/packages_workspace_v603.webp) @@ -34,8 +34,11 @@ Implementing this connector requires: [Google's documentation](https://developers.google.com/workspace/guides/create-credentials#googles-documentation) Google's documentation to create the service account with the right impersonation. - _Remember,_ Google's documentation describes this procedure as optional, while the Google + :::tip + Remember, Google's documentation describes this procedure as optional, while the Google Workspace connector requires it. + ::: + ## Export @@ -45,7 +48,7 @@ and write the output to CSV files. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -166,7 +169,7 @@ This connector does not reset passwords. ### Credential protection This connector has no credential attributes, and therefore does not use -[ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), nor +[RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), nor a [CyberArk's AAM Credential Providers ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)Vault. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/homefolder/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/homefolder/index.md index a31b39b4f3..e3897a4f58 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/homefolder/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/homefolder/index.md @@ -8,7 +8,7 @@ sidebar_position: 80 This connector exports [home folders](https://en.wikipedia.org/wiki/Home_directory)' content. -This page is about [ Home Folders ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/home-folders/index.md). +This page is about [Home Folders](/docs/identitymanager/saas/integration-guide/connectors/references-packages/home-folders/index.md). ![Package: Storage/Home Folders](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/homefolder/packages_homefolders_v603.webp) @@ -40,7 +40,7 @@ This connector performs only complete export, not incremental. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -71,10 +71,9 @@ The identifier of the connection and thus the name of the subsection must: > "Connections": { > ... > "HomeFolderExport": { -> "InputDirectories": [ -> "C:/ContosoFolder", +> "InputDirectories": [> "C:/ContosoFolder", > "C:/ContosoFolder2", -> ], +>], > "Domain": "Windows", > "Interactive": true, > "Login": "Contoso", @@ -128,9 +127,9 @@ This connector does not reset passwords. Data protection can be ensured through: -- [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), +- [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)safe; -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Home Folder's `Login` and `Password`. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/index.md index 20db6db19c..d34e474012 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/index.md @@ -13,27 +13,27 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills users and groups from/to an Active Directory instance. -- [ Azure ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/azure/index.md) +- [Azure](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/azure/index.md) Exports Azure resources, role definitions and assignments. -- [ CSV ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/index.md) +- [CSV](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/index.md) Exports data from a CSV file. -- [ EasyVista ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvista/index.md) +- [EasyVista](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvista/index.md) Exports and fulfills users from/to an EasyVista-compliant system. -- [ EasyVista Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvistaticket/index.md) +- [EasyVista Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/easyvistaticket/index.md) Opens tickets in EasyVista for manual provisioning. -- [ Google Workspace ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/googleworkspace/index.md) +- [Google Workspace](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/googleworkspace/index.md) Exports and fulfills users and groups from/to a Google Workspace instance. -- [ Home Folder ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/homefolder/index.md) +- [Home Folder](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/homefolder/index.md) Exports home folders' content. @@ -49,7 +49,7 @@ organization's systems. Here is a list of reference connectors: Generates JSON files for each provisioning order. -- [ LDAP ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/index.md) +- [LDAP](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/index.md) Exports and fulfills entries from/to a LDAP-compliant system. @@ -61,15 +61,15 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills user and groups from/to a Microsoft Entra ID instance. -- [ Microsoft Excel ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/excel/index.md) +- [Microsoft Excel](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/excel/index.md) Exports datasheets from a Microsoft Excel (XLSX) file. -- [ Microsoft Exchange ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftexchange/index.md) +- [Microsoft Exchange](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftexchange/index.md) Exports mailboxes from a Microsoft Exchange instance. -- [ OData ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/odata/index.md) +- [OData](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/odata/index.md) Exports and fulfills entries from/to an OData instance. @@ -77,23 +77,23 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills entries from/to an Okta instance. -- [ OpenLDAP ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/openldap/index.md) +- [OpenLDAP](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/openldap/index.md) Exports and fulfills entries from/to an OpenLDAP directory. -- [ PowerShellProv ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md) +- [PowerShellProv](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md) Writes to an external system via a PowerShell script. -- [ PowerShellSync ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellsync/index.md) +- [PowerShellSync](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellsync/index.md) Exports data from an external system via a Powershell script. -- [ RACF ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/racf/index.md) +- [RACF](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/racf/index.md) Exports users and profiles from a RACF file. -- [ Robot Framework ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md) +- [Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md) Writes to an external system via a Robot Framework script. @@ -101,7 +101,7 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills users and roles from/to a SAP ERP 6.0 or SAP S4/HANA instance. -- [ SAP Netweaver ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sapnetweaver/index.md) +- [SAP Netweaver](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sapnetweaver/index.md) Exports and fulfills users and roles from/to a SAP Netweaver instance. @@ -109,15 +109,15 @@ organization's systems. Here is a list of reference connectors: Exports and fulfills entities from/to a SCIM-compliant application. -- [ ServiceNow ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) +- [ServiceNow](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) Exports and fulfills any data from/to a ServiceNow CMDB. -- [ ServiceNowTicket ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowticket/index.md) +- [ServiceNowTicket](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowticket/index.md) Opens tickets in ServiceNow for manual provisioning. -- [ SharedFolders ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharedfolder/index.md) +- [SharedFolders](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharedfolder/index.md) Exports users and permissions from Windows shared folders. @@ -125,18 +125,18 @@ organization's systems. Here is a list of reference connectors: Exports sites, folders, groups and permissions from a SharePoint instance. -- [ Sql ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/index.md) +- [Sql](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/index.md) Exports data from one of various Database Management Systems. -- [ Sql Server Entitlements ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md) +- [Sql Server Entitlements](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md) Exports entitlements from Microsoft SQL Server. -- [ Top Secret ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/topsecret/index.md) +- [Top Secret](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/topsecret/index.md) Exports users and profiles from a Top Secret (TSS) instance. -- [ Workday ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/workday/index.md) +- [Workday](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/workday/index.md) Exports users and groups from a Workday instance. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalresources/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalresources/index.md index 4eeefc8016..4618dfa300 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalresources/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalresources/index.md @@ -13,8 +13,8 @@ This page is about: - Ticket/Identity Manager - Ticket/Identity Manager And Create/Update/Delete resources -See the [ Manual Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket/index.md) and -[ Manual Ticket and CUD Resources ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket-and-cud-resources/index.md) +See the [Manual Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket/index.md) and +[Manual Ticket and CUD Resources](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket-and-cud-resources/index.md) topics for additional information. ![Package: Ticket/identitymanager](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalresources/packages_identitymanagerticket_v603.webp) @@ -22,5 +22,5 @@ topics for additional information. ![Package: Ticket/identitymanager And Create/Update/Delete resources](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalresources/packages_identitymanagerticketcud_v603.webp) See the -[ Provision Manually ](/docs/identitymanager/saas/user-guide/administrate/provisioning/manual-provisioning/index.md) +[Provision Manually](/docs/identitymanager/saas/user-guide/administrate/provisioning/manual-provisioning/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalworkflow/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalworkflow/index.md index 37c40e30ee..ede147cec3 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalworkflow/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalworkflow/index.md @@ -9,7 +9,7 @@ sidebar_position: 90 This connector triggers workflows in Identity Manager for a system's provisioning orders. This page is about Identity Manager Internal Workflow. See the -[ Workflow ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/workflow/index.md) topic for additional information. +[Workflow](/docs/identitymanager/saas/integration-guide/connectors/references-packages/workflow/index.md) topic for additional information. ![Package: Usercube/Workflow](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalworkflow/packages_workflow_v603.webp) @@ -29,7 +29,7 @@ message and body. Implementing this connector requires: - Knowledge of the basic principles of Identity Manager's workflows. See the - [ Workflow ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/workflow/index.md) topic for additional information. + [Workflow](/docs/identitymanager/saas/integration-guide/connectors/references-packages/workflow/index.md) topic for additional information. - Configuring in Identity Manager the workflows for the arrival of a new user, the update of a pre-existing user, and for the departure of a user @@ -64,7 +64,10 @@ appsettings.agent.json } ``` -**NOTE:** The identifier of the connection and thus the name of the subsection must: +:::note +The identifier of the connection and thus the name of the subsection must: +::: + - be unique - not begin with a digit @@ -94,7 +97,7 @@ The configuration setting must have the following attributes: | ------------------------- | ------ | ------------------------------------------------------- | | WorkflowJsonPath required | String | Path of the JSON file used to configure this connector. | -WorkflowJsonPath +**WorkflowJsonPath** The file specified in WorkflowJsonPath must have a specific structure. @@ -110,8 +113,7 @@ FulfillInternalWorkflow.json   "NavigationToTargetEntity": "User",   "NavigationTargetToSource": "Records",   "TargetEntityTypeIdentifier": "Directory_User", -  "FulfillInternalWorkflowConfigurations": [ -    { +  "FulfillInternalWorkflowConfigurations": [{       "ChangeType": "Added",       "Model": {         "WorkflowIdentifier": "Directory_User_StartInternal", @@ -123,13 +125,10 @@ FulfillInternalWorkflow.json         "LastName",         "FirstName",         "ContractStartDate", -        "ContractEndDate" -      ], -      "NavigationProperties": [ -        "Category", +        "ContractEndDate"], +      "NavigationProperties": ["Category",         "Service", -        "Site" -      ] +        "Site"]     },     {       "ChangeType": "Modified", @@ -139,10 +138,8 @@ FulfillInternalWorkflow.json         "Message": "workflow Update: $Resource:LastName$ - $Resource:FirstName$, EmployeeId: $Resource:EmployeeId$",         "Body": "body of workflow Update for  $Resource:EmployeeId$ "       }, -      "ScalarProperties": [ -        "FirstName", -        "LastName" -      ] +      "ScalarProperties": ["FirstName", +        "LastName"]     },     {       "ChangeType": "Deleted", @@ -152,19 +149,20 @@ FulfillInternalWorkflow.json         "Message": "workflow end Directory_Person for $Resource:LastName$ - $Resource:FirstName$",         "Body": "body if workflow end for $Resource:LastName$ - $Resource:FirstName$"       }, -      "DateProperties": [ -        "ContractEndDate" -      ] +      "DateProperties": ["ContractEndDate"]     }   ] } ``` -_Remember,_ as workflows' aspects are computed during the fulfill process, all the required +:::tip +Remember, as workflows' aspects are computed during the fulfill process, all the required properties must be present in the provisioning order and in this JSON file. +::: + -Setting attributes +**Setting attributes** The table below summarizes the setting attributes. @@ -175,8 +173,8 @@ The table below summarizes the setting attributes. | DateProperties optional | DateTime List | List of the properties corresponding to the dates that the workflow is to fill in. **NOTE:** When not specified and ChangeType is set to Deleted, then the dates are filled with the workflow's execution date. | | Message required | String | Message sent to the accounts impacted by the workflow. | | NavigationProperties optional | String List | List of the navigation properties to get from the provisioning orders in order to complete the workflow. | -| NavigationTargetToSource optional | String | Navigation property that makes the link from the target entity type to the source entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[ Position Change via Records ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. | -| NavigationToTargetEntity optional | String | Navigation property that makes the link from the source entity type to the target entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[ Position Change via Records ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. | +| NavigationTargetToSource optional | String | Navigation property that makes the link from the target entity type to the source entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[Position Change via Records](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. | +| NavigationToTargetEntity optional | String | Navigation property that makes the link from the source entity type to the target entity type. **NOTE:** Required when using records. For example, it's not required when working with departments or sites. See the[Position Change via Records](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. | | ScalarProperties optional | String List | List of the scalar properties to get from the provisioning orders in order to complete the workflow. | | SourceEntityIdentifier required | String | Identifier of the source entity type of the workflow. | | TransitionIdentifier required | String | Identifier of the workflow's transition after execution. | @@ -199,15 +197,15 @@ Internal Workflow. See the following to figure out authentication. -Password reset +**Password reset** This connector does not reset passwords. -Credential protection +**Credential protection** This connector has no credential attributes, and therefore does not use RSA encryption, nor a CyberArk Vault. See the -[ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) and +[RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) and [CyberArk's AAM Credential Providers ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md) topics for additional information. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/json/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/json/index.md index e679909891..cafba7f1e3 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/json/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/json/index.md @@ -9,7 +9,7 @@ sidebar_position: 110 This connector generates [JSON](https://www.json.org/json-en.html) files for each provisioning order. -This page is about [ JSON ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/json/index.md) +**This page is about [JSON](/docs/identitymanager/saas/integration-guide/connectors/references-packages/json/index.md)** ![Package: Custom/JSON](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/json/packages_json_v603.webp) diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/index.md index e95931a828..564e162579 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/index.md @@ -10,10 +10,10 @@ This connector exports and fulfills entries from/to an [LDAP](https://ldap.com/) This page is about: -- [ Generic LDAP ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-ldap/index.md); -- [ Oracle LDAP ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-ldap/index.md); -- [ Apache Directory ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/apache-directory/index.md); -- [ Red Hat Directory Server ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/red-hat-directory-server/index.md). +- [Generic LDAP](/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-ldap/index.md); +- [Oracle LDAP](/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-ldap/index.md); +- [Apache Directory](/docs/identitymanager/saas/integration-guide/connectors/references-packages/apache-directory/index.md); +- [Red Hat Directory Server](/docs/identitymanager/saas/integration-guide/connectors/references-packages/red-hat-directory-server/index.md). ![Package: Directory/Generic LDAP](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/packages_ldapgeneric_v603.webp) @@ -41,7 +41,7 @@ connector's configuration. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -71,8 +71,7 @@ The identifier of the connection and thus the name of the subsection must: > "Connections": { > ... > "LDAPExport": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "contoso.server.com", > "AuthType": "Basic", > "Login": "Contoso", @@ -80,13 +79,12 @@ The identifier of the connection and thus the name of the subsection must: > "Controls": [ > "PagedResult", > "DomainScope" -> ], +>], > "NoSigning": false, > "EnableSSL": true > } > ], -> "Tables": [ -> { +> "Tables": [> { > "Table": "entries", > "BaseDN": "DC=contoso,DC=com", > "Filter": "(objectclass=*)", @@ -98,7 +96,7 @@ The identifier of the connection and thus the name of the subsection must: > "Filter": "(&(member=*)(objectclass=groupOfEntries))", > "Scope": "Subtree" > } -> ], +>], > "SizeLimit": 5000, > "TimeLimit": 5, > "TimeOut": 30 @@ -153,7 +151,7 @@ with one column for each property having a `ConnectionColumn` and each property in an entity association. Any property can be exported in a specific format when specified. See the -[ References: Format for the EntityPropertyMapping ](/docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/index.md) +[References: Format for the EntityPropertyMapping](/docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/index.md) topic for additional information. > With the previous example and the following entity type mapping: @@ -202,20 +200,18 @@ Same as for export, fulfill is configured through connections. > "Connections": { > ... > "LDAPFulfillment": { -> "Servers": [ -> { +> "Servers": [> { > "Server": "contoso.server.com", > "AuthType": "Basic", > "Login": "Contoso", > "Password": "ContOso$123456789" > } -> ], -> "Tables": [ -> { +>], +> "Tables": [> { > "Table": "entries", > "BaseDN": "DC=contoso,DC=com" > } -> ], +>], > "IsLdapPasswordReset": true, > "AsAdLds": false > } @@ -285,9 +281,9 @@ topic to learn how to configure password reset settings. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store LDAP's `Login`, `Password` and `Server`. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldif/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldif/index.md index 2dce1833fb..6787165fc7 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldif/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldif/index.md @@ -9,7 +9,7 @@ sidebar_position: 130 This connector exports entries from an [LDIF](https://en.wikipedia.org/wiki/LDAP_Data_Interchange_Format) file. -This page is about [ LDIF ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/ldif/index.md). +This page is about [LDIF](/docs/identitymanager/saas/integration-guide/connectors/references-packages/ldif/index.md). ![Package: Directory/LDIF](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldif/packages_ldif_v603.webp) @@ -32,7 +32,7 @@ This connector generates a CSV file from an input LDIF file containing entries t ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -66,7 +66,7 @@ The identifier of the connection and thus the name of the subsection must: > "LDIFFile": "C:/identitymanagerContoso/Contoso/contoso.ldif", > "FilterAttribute": "objectClass", > "FilterValues": "user organizationalUnit", -> "Attributes": [ "dn", "objectClass", "cn", "SAMAccountName", "Name", "userprincipalname" ], +> "Attributes": ["dn", "objectClass", "cn", "SAMAccountName", "Name", "userprincipalname"], > "LdifEncoding": "UTF-8", > } > } @@ -104,8 +104,8 @@ There are no fulfill capabilities for this connector. ### Credential protection This connector has no credential attributes, and therefore does not use -[](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), -nor a [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)Vault. +[](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), +nor a [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)Vault. Still, data protection can be ensured through an -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftentraid/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftentraid/index.md index 57b68d868c..7fa61c1927 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftentraid/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftentraid/index.md @@ -46,7 +46,7 @@ the list of configured attributes in the associated entity type mapping to a CSV ### Configuration This process is configured through a connection in the UI and/or the XML configuration. See the -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. Or in the `appsettings.agent.json > Connections` section: @@ -67,7 +67,10 @@ appsettings.agent.json } ``` -**NOTE:** The identifier of the connection and thus the name of the subsection must: +:::note +The identifier of the connection and thus the name of the subsection must: +::: + - be unique - not begin with a digit @@ -95,7 +98,7 @@ appsettings.agent.json } ``` -Setting attributes +**Setting attributes** The table below summarizes the setting attributes of Microsoft Entra ID connector. @@ -116,8 +119,11 @@ This connector is meant to generate the following files: - `_directoryobjects.csv` containing the property values from the entity type mapping associated with the connection. - **NOTE:** The values are exported from the entities listed in the attribute `C0` of the + :::note + The values are exported from the entities listed in the attribute `C0` of the `EntityTypeMapping`. + ::: + For example, with the following configuration: @@ -144,10 +150,13 @@ This connector is meant to generate the following files: ... ``` - _Remember,_ attributes described as "Supported only on the Get `` API" in the + :::tip + Remember, attributes described as "Supported only on the Get `` API" in the [Microsoft Graph API](https://docs.microsoft.com/en-us/graph/overview?view=graph-rest-1.0) documentation cannot be retrieved through this connector. The export task will raise an error if these attributes are used in your EntityTypeMapping. + ::: + This connector supports [Microsoft Entra ID Schema Extensions](https://docs.microsoft.com/en-us/previous-versions/azure/ad/graph/howto/azure-ad-graph-api-directory-schema-extensions) @@ -168,17 +177,23 @@ This connector is meant to generate the following files: Where command can be `insert`, `update` or `delete`; groupId is the id of the group; id is the id of the group member (in this context). - **NOTE:** Only the navigation properties `members` and `owners` are exported. These navigation + :::note + Only the navigation properties `members` and `owners` are exported. These navigation properties are automatically detected according to the data exported. + ::: + - one file `_cookie_.bin` per entity, containing an URL with a `delta token` useful for incremental export. > For example `MicrosoftEntraIDExport_cookie_user.bin` - _Remember,_ most exports can be run in complete mode, where the CSV files will contain all + :::tip + Remember, most exports can be run in complete mode, where the CSV files will contain all entries, or in incremental mode, where CSV files will contain only the entries which have been modified since the last synchronization. + ::: + A task can use the IgnoreCookieFile boolean property, and a command line (with an executable) can use the option --ignore-cookies. @@ -224,7 +239,7 @@ appsettings.agent.json } ``` -Setting attributes +**Setting attributes** The table below summarizes the setting attributes. @@ -245,17 +260,17 @@ groups' memberships via the UI. See the following to figure out authentication. -Password reset +**Password reset** See the[appsettings.agent](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic for additional information on how to configure password reset settings. -Credential protection +**Credential protection** Data protection can be ensured through: -- [ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +- [RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), configured in the `appsettings.encrypted.agent.json` file - An [Azure Key Vault](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) safe; diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftexchange/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftexchange/index.md index fe1087d209..f29b412c41 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftexchange/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftexchange/index.md @@ -10,7 +10,7 @@ This connector exports mailboxes from a [Microsoft Exchange](https://support.microsoft.com/en-us/office/what-is-a-microsoft-exchange-account-47f000aa-c2bf-48ac-9bc2-83e5c6036793) instance. -This page is about [ Microsoft Exchange ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/microsoft-exchange/index.md). +This page is about [Microsoft Exchange](/docs/identitymanager/saas/integration-guide/connectors/references-packages/microsoft-exchange/index.md). ![Package: Server/Microsoft Exchange](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/microsoftexchange/packages_exchange_v603.webp) @@ -47,7 +47,7 @@ script used by Identity Manager. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -132,13 +132,13 @@ This connector can create, update or delete[ mailboxes](https://docs.microsoft.com/en-us/powershell/module/exchange/get-mailbox?view=exchange-ps)' addresses (PrimarySmtpAddress, ProxyAddress) and mailbox databases. -As it works via a PowerShell script. See the [ PowerShellProv ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md) topic +As it works via a PowerShell script. See the [PowerShellProv](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md) topic for additional information. Identity Manager's PowerShell script can be found in the SDK in `Usercube.Demo/Scripts/Fulfill-Exchange.ps1`. -See the [ PowerShellProv ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md) topic for additional information. +See the [PowerShellProv](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md) topic for additional information. ## Authentication @@ -154,15 +154,15 @@ This connector does not reset passwords. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; -- A [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)able to store +- A [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)able to store Microsoft Exchange's `Server`. This kind of credential protection can be used only for the export process. The fulfill process' credentials can be protected by following the instructions for the -PowerShellProv connector. See the [ PowerShellProv ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md) topic for +PowerShellProv connector. See the [PowerShellProv](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md) topic for additional information diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/odata/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/odata/index.md index dde5ad0abc..d5962a6c01 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/odata/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/odata/index.md @@ -8,7 +8,7 @@ sidebar_position: 160 This connector exports and fulfills data from/to an [OData](https://www.odata.org/) instance. -This page is about [ OData ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/odata/index.md). +This page is about [OData](/docs/identitymanager/saas/integration-guide/connectors/references-packages/odata/index.md). ![Package: Custom/OData](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/odata/packages_odata_v603.webp) @@ -35,7 +35,7 @@ based on the connector's metadata. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -93,14 +93,14 @@ The identifier of the connection and thus the name of the subsection must: This connector requires from the XML configuration: - An - [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md): + [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md): - with the same identifier as the related entity type; - related to the right connector; - related to a connection table named `_`; - with properties whose connection columns represent the property's path in the entity, see the configuration example below; - An - [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md): + [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md): - with the same identifier as the related entity association; - with its `Column1` in the format `UsercubeNav_:` for the related property in the association; diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/okta/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/okta/index.md index 9ef1765bdc..0188a7976c 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/okta/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/okta/index.md @@ -38,8 +38,11 @@ In order to do so you must connect to the Okta administration console `https://myexample-admin.okta.com` and create a new Netwrix Identity Manager (formerly Usercube) user. -**NOTE:** For some Okta deployments it is possible to create a service account or to Manage an Okta +:::note +For some Okta deployments it is possible to create a service account or to Manage an Okta user account as a service account. +::: + **Step 2 –** Assign administrator role and permissions to the Netwrix Identity Manager (formerly Usercube) user. @@ -276,8 +279,8 @@ topic for additional information. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the appsettings.encrypted.agent.json file -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) -- A [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)Vault able to +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +- A [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md)Vault able to store Okta Login, Password, Account and Server. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/openldap/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/openldap/index.md index 40a7294ebc..af0fa637b9 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/openldap/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/openldap/index.md @@ -9,7 +9,7 @@ sidebar_position: 180 This connector exports and fulfills entries from/to an [OpenLDAP](https://www.openldap.org/) directory. -This page is about [ OData ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/odata/index.md). +This page is about [OData](/docs/identitymanager/saas/integration-guide/connectors/references-packages/odata/index.md). ![Package: Directory/Open LDAP](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/openldap/packages_ldapopen_v603.webp) @@ -27,7 +27,7 @@ Implementing this connector requires: - enabling SyncProv Overlay for the OpenLDAP server. To perform a complete export without the SyncProv Overlay enabled, use rather the - [ LDAP ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/index.md) connector. + [LDAP](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/index.md) connector. ## Export @@ -36,7 +36,7 @@ This connector exports to CSV files the content of an OpenLDAP Directory. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -108,7 +108,7 @@ Output folder: `ConnectionColumn` and each property without it but used in an entity association; Any property can be exported in a specific format when specified. See the - [ References: Format for the EntityPropertyMapping ](/docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/index.md) + [References: Format for the EntityPropertyMapping](/docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/index.md) topic for additional information. - a CSV file for each `ConnectionTable` in a related `EntityTypeMapping` or @@ -243,12 +243,12 @@ provisioning order, through the `ResourceType`'s `ArgumentsExpression`. Data protection can be ensured through: -- [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), +- [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md)[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; - an - [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md)[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) + [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md)[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; - a - [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) + [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store OpenLDAP's `Login`, `Password` and `Server`. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md index 678be59686..ca432f7fb4 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/index.md @@ -9,7 +9,7 @@ sidebar_position: 190 This connector writes to an external system via a [PowerShell](https://learn.microsoft.com/en-us/powershell/scripting/overview) script. -This page is about [ PowerShellProv ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/powershellprov/index.md). +This page is about [PowerShellProv](/docs/identitymanager/saas/integration-guide/connectors/references-packages/powershellprov/index.md). ![Package: Custom/PowerShellProv](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellprov/packages_powershellprov_v603.webp) @@ -49,7 +49,7 @@ linked to the managed system. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -116,7 +116,7 @@ Data protection can be ensured through: - [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | -------------------- | ------------------------------------------------- | @@ -124,7 +124,7 @@ Data protection can be ensured through: | Password (optional) | `Connections----Options--Password` | | PowerShellScriptPath | `Connections----PowerShellScriptPath` | -- A [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- A [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store the attributes from the `Options` section that are compatible with CyberArk. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellsync/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellsync/index.md index 1b9797267e..3cc2148fdd 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellsync/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellsync/index.md @@ -9,7 +9,7 @@ sidebar_position: 200 This connector exports data from an external system via a [PowerShell](https://learn.microsoft.com/en-us/powershell/scripting/overview) script. -This page is about [ PowerShellSync ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/powershellsync/index.md). +This page is about [PowerShellSync](/docs/identitymanager/saas/integration-guide/connectors/references-packages/powershellsync/index.md). ![Package: Custom/PowerShellSync](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/powershellsync/packages_powershellsync_v603.webp) @@ -57,7 +57,7 @@ prompt. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/racf/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/racf/index.md index 9c1e3bfe51..eb8479c39d 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/racf/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/racf/index.md @@ -9,7 +9,7 @@ sidebar_position: 210 This connector exports users and profiles from a [RACF](https://www.ibm.com/docs/en/zos-basic-skills?topic=zos-what-is-racf) file. -This page is about [ RACF ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/racf/index.md). +This page is about [RACF](/docs/identitymanager/saas/integration-guide/connectors/references-packages/racf/index.md). ![Package: MainFrame/RACF](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/racf/packages_racf_v603.webp) @@ -40,7 +40,7 @@ Be aware that Identity Manager supports only the RACF records represented by th ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -112,8 +112,8 @@ This connector does not reset passwords. ### Credential protection This connector has no credential attributes, and therefore does not use -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), nor a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md). +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), nor a +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md). Still, data protection can be ensured through an -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md index c0634a06f5..8e1d2472c2 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/index.md @@ -9,7 +9,7 @@ sidebar_position: 220 This connector writes to an external system via a [Robot Framework](https://robotframework.org) script. -This page is about [Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/references-packages/robot-framework/index.md) +**This page is about [Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/references-packages/robot-framework/index.md)** ![Package: Custom/Robot Framework](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/robotframework/packages_robot_v603.webp) diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/saperp6/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/saperp6/index.md index 2d34628a2c..2829948c0c 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/saperp6/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/saperp6/index.md @@ -89,7 +89,7 @@ ABA.SAPSR3.USR11 to usercube grant select on ABA.SAPSR3.AGR_AGRS to usercube gra ABA.SAPSR3.USGRP to usercube grant select on ABA.SAPSR3.UST04 to usercube grant select on ABA.SAPSR3.AGR_TCODES to user grant select on ABA.SAPSR3.T002 to usercube Go -Set up the prerequisites for reading +**Set up the prerequisites for reading** To set up the prerequisites for reading follow the steps below. @@ -105,9 +105,12 @@ variables. **Step 3 –** Create environment variables: `HDBADOTNET=C:\hdbclient\ado.net` and `HDBADOTNETCORE=C:\hdbclient\dotnetcore`. -Set up the prerequisites for writing +**Set up the prerequisites for writing** + +:::note +Make sure the Read prerequisites are configured first. +::: -**NOTE:** Make sure the Read prerequisites are configured first. **Step 1 –** Copy the provided DLL `sapnwrfc.dl` into the Runtime of Identity Manager. @@ -134,7 +137,7 @@ from an SAP ERP instance, and writes the output to CSV files. This process is configured through a connection in the UI and/or the XML configuration, and in the **appsettings.agent.json** > **Connections** section. See the -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -153,7 +156,10 @@ appsettings.agent.json } ``` -_Remember,_ the identifier of the connection and thus the name of the subsection must: +:::tip +Remember, the identifier of the connection and thus the name of the subsection must: +::: + - Be unique - Not begin with a digit. @@ -287,7 +293,7 @@ Data protection can be ensured through: - A CyberArk Vault able to store Active Directory's Login, Password, and Server. See the -[ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +[RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), [Azure Key Vault](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), and [CyberArk's AAM Credential Providers ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sapnetweaver/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sapnetweaver/index.md index e70a81826f..43a7c134f0 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sapnetweaver/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sapnetweaver/index.md @@ -10,7 +10,7 @@ This connector exports and fulfills users and roles from/to an [SAP Netweaver](https://www.sap.com/france/products/technology-platform/hana/what-is-sap-hana.html) instance. -This page is about [ SAP S/4 HANA ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/saphana/index.md). +This page is about [SAP S/4 HANA](/docs/identitymanager/saas/integration-guide/connectors/references-packages/saphana/index.md). ![Package: ERP/SAP S/4 HANA](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/sapnetweaver/packages_sap_v603.webp) @@ -37,7 +37,7 @@ output to CSV files. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -170,9 +170,9 @@ in the corresponding Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | --------- | ------------------------------------------------ | @@ -180,7 +180,7 @@ Data protection can be ensured through: | Login | `Connections----Login` | | Password | `Connections----Password` | -- A [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- A [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Active Directory's `Login`, `Password` and `Server`. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/scim/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/scim/index.md index 47aaac1c96..2d05d38017 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/scim/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/scim/index.md @@ -31,11 +31,14 @@ REST API with specific endpoints to get and set data in a web application for IG allows an identity provider to manage the web application's accounts. For more details about SCIM and RFC, see the [IETF document](https://tools.ietf.org/html/rfc7644). -**NOTE:** Similarly to the Salesforce REST-based API, SCIM for Salesforce enables reading and +:::note +Similarly to the Salesforce REST-based API, SCIM for Salesforce enables reading and writing attributes, but writes to a smaller subset. For example, the following properties are manageable by the Salesforce REST-based API but not SCIM: `PermissionSetGroup`, `PermissionSetLicense`, `UserPermissionsKnowledgeUser`, `UserPermissionsInteractionUser`, `UserPermissionsSupportUser`, `CallCenterId`, `SenderEmail`. +::: + See the [Salesforce's documentation](https://help.salesforce.com/s/articleView?id=sf.identity_scim_rest_api.htm&type=5) @@ -53,7 +56,7 @@ The implementation of the Salesforce connector requires the completion of the fo - Reset the user token - Configure the Salesforce connection -Connect the application +**Connect the application** To connect to the Salesforce application do the following: @@ -87,7 +90,7 @@ Scopes. **Step 8 –** Copy the Consumer Key and Consumer Secret in your Keypass. -Enable OAuth authentication +**Enable OAuth authentication** To enable the OAuth authentication do the following: @@ -102,7 +105,7 @@ To enable the OAuth authentication do the following: **Step 3 –** Go to **OAuth** and **OpenID Connect Settings** in the **Identity** drop-down menu, enable the option to **Allow OAuth Username-Password Flows**. -Reset the user token +**Reset the user token** To reset the user token do the following: @@ -120,7 +123,7 @@ To reset the user token do the following: **Step 4 –** An email containing the new token will be sent. -Configure the Salesforce connection +**Configure the Salesforce connection** To configure the Salesforce connection do the following: @@ -144,7 +147,7 @@ The configuration of the Salesforce connector is completed. This process is configured through a connection in the UI and/or the XML configuration, and in the **appsettings.agent.json** > **Connections** section. -See the [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for +See the [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -163,7 +166,10 @@ appsettings.agent.json } ``` -_Remember,_ the identifier of the connection and thus the name of the subsection must: +:::tip +Remember, the identifier of the connection and thus the name of the subsection must: +::: + - Be unique - Not begin with a digit @@ -231,7 +237,7 @@ This connector is meant to generate to the ExportOutput folder the following CSV See the [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) and -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) topics for additional information. For the connector to work properly, the connection tables must follow the naming conventions too: @@ -342,7 +348,7 @@ Data protection can be ensured through: - A CyberArk Vault able to store Active Directory's Login, Password, and Server. See the -[ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +[RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), [Azure Key Vault](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), and [CyberArk's AAM Credential Providers ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md index 49e4bef9c7..d701d239e1 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md @@ -9,7 +9,7 @@ sidebar_position: 260 This connector exports and fulfills any data, including users and roles, from/to a [ServiceNow CMDB](https://www.servicenow.com/products/servicenow-platform/configuration-management-database.html). -This page is about [ ServiceNow ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow/index.md). +This page is about [ServiceNow](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow/index.md). ![Package: ITSM/ServiceNow](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/packages_servicenow_v603.webp) @@ -21,7 +21,7 @@ management (ITOM) and IT business management (ITBM), allowing users to manage pr customer interactions via a variety of apps and plugins. This section focuses on ServiceNow Entity Management. To learn about how to use this connector to create tickets for other resources, see -[ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md). +[ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md). ## Prerequisites @@ -43,7 +43,7 @@ deleted items) can't be performed. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -134,9 +134,9 @@ This connector is meant to generate to the Output folder one CSV file for each table, named `_.csv`. Identity Manager lists the tables to retrieve based on -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)'s +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)'s and -[ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)'s +[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)'s connection tables. For the connector to work properly, the connection tables must follow the naming convention too: @@ -241,9 +241,9 @@ specified in the corresponding Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | ----------------- | ------------------------------------------------ | @@ -256,7 +256,7 @@ Data protection can be ensured through: | Filter | `Connections----Filter` | | ResponseSizeLimit | `Connections----ResponseSizeLimit` | -- A [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- A [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Active Directory's `Login`, `Password`, `Server`, `ClientId` and `ClientSecret`. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowticket/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowticket/index.md index d8d2445587..eccabb6eba 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowticket/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowticket/index.md @@ -8,7 +8,7 @@ sidebar_position: 270 This connector opens tickets in [ServiceNow](https://www.servicenow.com/) for manual provisioning. -This page is about [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md). +This page is about [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md). ![Package: Ticket/ServiceNow](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowticket/packages_servicenowticket_v603.webp) @@ -20,7 +20,7 @@ management (ITOM) and IT business management (ITBM), allowing users to manage pr customer interactions via a variety of apps and plugins. This section focuses on ServiceNow ticket creation for the fulfillment of resources that can't or shouldn't be performed with an existing fulfill. To learn about how to manage entities, see -[ ServiceNow ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)Entity Management. +[ServiceNow](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)Entity Management. ## Prerequisites @@ -36,7 +36,7 @@ Implementing this connector requires: ## Export This connector exports some of ServiceNow entities, see the export capabilities of the -[ ServiceNow ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)connector. Some entities cannot be exported. +[ServiceNow](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)connector. Some entities cannot be exported. ## Fulfill @@ -50,7 +50,7 @@ resource accordingly. See the [Entitlement Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md) topic for additional information. -See the fulfill capabilities of the [ ServiceNow ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)connector. +See the fulfill capabilities of the [ServiceNow](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md)connector. > For example: > @@ -84,9 +84,9 @@ the user's **password_needs_reset** attribute is set to `true`. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | ------------------------- | ------------------------------------------------------ | @@ -99,7 +99,7 @@ Data protection can be ensured through: | TicketCookieDirectoryPath | `Connections----TicketCookieDirectoryPath` | | ResponseSizeLimit | `Connections----ResponseSizeLimit` | -- A [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- A [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Active Directory's `Login`, `Password`, `Server`, `ClientId` and `ClientSecret`. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharedfolder/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharedfolder/index.md index ed271ab3e2..921e35f7e2 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharedfolder/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharedfolder/index.md @@ -8,7 +8,7 @@ sidebar_position: 290 This connector exports users and permissions from Windows shared folders. -This page is about [ Shared Folders ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/shared-folders/index.md). +This page is about [Shared Folders](/docs/identitymanager/saas/integration-guide/connectors/references-packages/shared-folders/index.md). ![Package: Storage/Shared Folders](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharedfolder/packages_sharedfolders_v603.webp) @@ -35,7 +35,7 @@ This connector scans shared folders in order to export their content to CSV file ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -70,10 +70,10 @@ The identifier of the connection and thus the name of the subsection must: > "Connections": { > ... > "SharedFolderExport": { -> "InputDirectories": [ "OfficeNetwork/R&D_Projects", "OfficeNetwork/Management", "C:/" ], +> "InputDirectories": ["OfficeNetwork/R&D_Projects", "OfficeNetwork/Management", "C:/"], > "OnlyDirectoryScan": "true", > "LevelOfScan": "12", -> "ListOfSIDToAvoid": [ "S-1-3-2-4", "S-5-7-6-8" ], +> "ListOfSIDToAvoid": ["S-1-3-2-4", "S-5-7-6-8"], > "Login": "account@example.com", > "Password": "accountexamplepassword", > "Domain": "Example", @@ -137,9 +137,9 @@ This connector does not reset passwords. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | ----------------- | ------------------------------------------------ | @@ -152,7 +152,7 @@ Data protection can be ensured through: | Password | `Connections----Password` | | InputDirectories | `Connections----InputDirectories` | -- A [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store +- A [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Active Directory's `Login` and `Password`. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharepoint/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharepoint/index.md index 8e412322dd..3e537c6ffd 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharepoint/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sharepoint/index.md @@ -252,7 +252,7 @@ Data protection can be ensured through: - A CyberArk Vault able to store SharePoint's `Login` and `Password`. See the -[ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), +[RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md), [Azure Key Vault](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md), and [CyberArk's AAM Credential Providers ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/index.md index dda88076b1..519d4422de 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/index.md @@ -11,13 +11,13 @@ This connector exports data from one of various This page is about: -- Database/[ Generic SQL ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-sql/index.md); -- Database/[ SQL Server ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server/index.md); -- Database/[ MySQL ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/mysql/index.md); -- Database/[ ODBC ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/odbc/index.md); -- Database[ Oracle Database ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-database/index.md); -- Database/[ PostgreSQL ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/postgresql/index.md); -- [ SAP ASE ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sapase/index.md). +- Database/[Generic SQL](/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-sql/index.md); +- Database/[SQL Server](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server/index.md); +- Database/[MySQL](/docs/identitymanager/saas/integration-guide/connectors/references-packages/mysql/index.md); +- Database/[ODBC](/docs/identitymanager/saas/integration-guide/connectors/references-packages/odbc/index.md); +- Database[Oracle Database](/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-database/index.md); +- Database/[PostgreSQL](/docs/identitymanager/saas/integration-guide/connectors/references-packages/postgresql/index.md); +- [SAP ASE](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sapase/index.md). ![Package: Directory/Database/Generic SQL](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/packages_sqlgeneric_v603.webp) @@ -66,7 +66,7 @@ This connector exports the content of any table from an SQL database and writes ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -113,8 +113,8 @@ The identifier of the connection and thus the name of the subsection must: | Timeout optional | **Type** Int32 **Description** Time period (in seconds) after which the request attempt is terminated and an error is generated. | | | | | --- | --- | -| SqlCommand optional | **Type** String **Description** SQL request to be executed. **Note:** when not specified and `SqlFile` neither, then all the[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) of this connector will be exported. | -| SqlFile optional | **Type** String **Description** Path of the file containing the SQL request to be executed. **Note:** ignored when `SqlCommand` is specified. **Note:** when not specified and `SqlFile` neither, then all the [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) of this connector will be exported. | +| SqlCommand optional | **Type** String **Description** SQL request to be executed. **Note:** when not specified and `SqlFile` neither, then all the[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) of this connector will be exported. | +| SqlFile optional | **Type** String **Description** Path of the file containing the SQL request to be executed. **Note:** ignored when `SqlCommand` is specified. **Note:** when not specified and `SqlFile` neither, then all the [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) of this connector will be exported. | | CsvEncoding default value: UTF-8 | **Type** String **Description** Encoding of the file. [See the list of available encodings](https://learn.microsoft.com/en-us/dotnet/api/system.text.encoding#see-the-list-of-available-encodings). | | ProviderClassFullName optional | **Type** String **Description** Invariant name to register the provider. **Note:** required when querying a DBMS other than Microsoft SQL Server. | | ProviderDllName optional | **Type** String **Description** DLL, i.e. name and extension, to be loaded by the connector. **Note:** the DLL must be in the `Runtime` folder. **Note:** required when querying a DBMS other than Microsoft SQL Server. | @@ -133,7 +133,7 @@ Connect to a DBMS other than Microsoft SQL Server by proceeding as follows: 3. Get the value required for `ProviderClassFullName` and `ProviderDllName`: - for a DBMS handled by Identity Manager's packages, by accessing the - [ References: Packages ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/index.md); + [References: Packages](/docs/identitymanager/saas/integration-guide/connectors/references-packages/index.md); > For MySQL: > @@ -210,9 +210,9 @@ This connector does not reset passwords. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | --------------------- | -------------------------------------------------- | @@ -224,5 +224,5 @@ Data protection can be ensured through: | ProviderDllName | `Connections----ProviderDllName` | | Timeout | `Connections----Timeout` | -[](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +[](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) is not available for this connector. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md index 80aec876c6..443d36831b 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sqlserverentitlements/index.md @@ -10,7 +10,7 @@ This connector exports entitlements from [Microsoft SQL Server](https://www.microsoft.com/en-us/sql-server/). This page is about -[ SQL Server Entitlements ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server-entitlements/index.md). +[SQL Server Entitlements](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server-entitlements/index.md). ![Package: Database/Microsoft SQL Server Entitlements](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/sqlserverentitlements/packages_sqlservermanagement_v603.webp) @@ -84,7 +84,7 @@ This connector exports only in complete mode. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -117,7 +117,7 @@ The identifier of the connection and thus the name of the subsection must: > ... > "SqlServerEntitlementsExport": { > "ConnectionString": "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;", -> "Databases": [ "UsercubeDemo", "AdventureWorks2017" ] +> "Databases": ["UsercubeDemo", "AdventureWorks2017"] > } > } > } @@ -163,14 +163,14 @@ This connector does not reset passwords. Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | ---------------- | ------------------------------------------------ | | ConnectionString | `Connections----ConnectionString` | | Timeout | `Connections----Timeout` | -[](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +[](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) is not available for this connector. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/topsecret/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/topsecret/index.md index 496c08d415..7bc4c61fbe 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/topsecret/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/topsecret/index.md @@ -9,7 +9,7 @@ sidebar_position: 320 This connector exports users and profiles from a [Top Secret](https://www.ibm.com/docs/en/szs/2.2?topic=audit-top-secret) (TSS) instance. -This page is about [ TSS ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/tss/index.md). +This page is about [TSS](/docs/identitymanager/saas/integration-guide/connectors/references-packages/tss/index.md). ![Package: Mainframe/Top Secret](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/topsecret/packages_tss_v603.webp) diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/workday/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/workday/index.md index 774acd299e..c8abcfd876 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-connectors/workday/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-connectors/workday/index.md @@ -9,7 +9,7 @@ sidebar_position: 330 This connector exports users and groups from a [Workday](https://www.workday.com/en-us/products/talent-management/overview.html) instance. -This page is about [ Workday ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/workday/index.md). +This page is about [Workday](/docs/identitymanager/saas/integration-guide/connectors/references-packages/workday/index.md). ![Package: ERP/Workday](/img/product_docs/identitymanager/saas/integration-guide/connectors/references-connectors/workday/packages_workday_v603.webp) @@ -37,7 +37,7 @@ This connector exports any entity available in WWS. ### Configuration This process is configured through a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) in the UI and/or the XML configuration, and in the `appsettings.agent.json > Connections` section: ``` @@ -98,14 +98,13 @@ to be exported. > ``` > bodies.json > { -> "Requests": [ -> { +> "Requests": [> { > "XmlBody": " ", > "EntityName": "workers", > "IncrementalTag": "Transaction_Log_Criteria_Data", > "WebService": "Human_Resources/v34.2" > } -> ] +>] > } > ``` @@ -127,15 +126,15 @@ Output folder: columns: - **Command**: used for - [ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md); + [Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md); - one column for each XPath found in the - [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)' + [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)' connection columns and - [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)' + [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md)' columns. [See Workday's documentation to compute XPaths](https://community.workday.com/sites/default/files/file-hosting/productionapi/Human_Resources/v34.2/samples/Get_Workers_Response.xml).``` `\_.csv` - Command,Key_XPath_1,Key_XPath_2,...,Key_XPath_N Add,value1,value2,...,valueN +**Command,Key_XPath_1,Key_XPath_2,...,Key_XPath_N Add,value1,value2,...,valueN** ``` @@ -173,9 +172,9 @@ Output folder: Data protection can be ensured through: -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md), configured in the `appsettings.encrypted.agent.json` file; -- An [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; +- An [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) safe; | Attribute | Naming Convention for the Key in Azure Key Vault | | ------------- | ------------------------------------------------ | @@ -185,7 +184,7 @@ Data protection can be ensured through: | Server | `Connections----Server` | - A - [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) + [](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) able to store Workday's `Login`, `Password` and `Server`. Protected attributes are stored inside a safe in CyberArk, into an account whose identifier can be diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-sql/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-sql/index.md index f1680743b1..4854390c7b 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-sql/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-sql/index.md @@ -19,5 +19,5 @@ Exports data from a SQL database. When creating a connection to a database which is not handled by Identity Manager's packages, you'll need to fill in the `ProviderDllName` and `ProviderClassFullName` properties of the -[ Sql ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/index.md) connector using the procedure given in the +[Sql](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/sql/index.md) connector using the procedure given in the example. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-packages/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-packages/index.md index 8de6b87532..a7091ea10c 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-packages/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-packages/index.md @@ -13,183 +13,183 @@ If you are looking for the dll of a given package, be aware that you can often f 2. Copy the dll file (corresponding to the appropriate .Net version) to the `Runtime` folder. -- [ Active Directory ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/active-directory/index.md) +- [Active Directory](/docs/identitymanager/saas/integration-guide/connectors/references-packages/active-directory/index.md) Manages users and groups in Active Directory. This package supports incremental synchronization with the DirSync mechanism. -- [ Apache Directory ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/apache-directory/index.md) +- [Apache Directory](/docs/identitymanager/saas/integration-guide/connectors/references-packages/apache-directory/index.md) Manages users and groups in Apache Directory. -- [ Azure ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/azure/index.md) +- [Azure](/docs/identitymanager/saas/integration-guide/connectors/references-packages/azure/index.md) Exports Azure resources, role definitions and role assignments. -- [ CSV ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/csv/index.md) +- [CSV](/docs/identitymanager/saas/integration-guide/connectors/references-packages/csv/index.md) Exports CSV to prepare synchronization. -- [ CyberArk ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/cyberark/index.md) +- [CyberArk](/docs/identitymanager/saas/integration-guide/connectors/references-packages/cyberark/index.md) Manages CyberArk entities, including user and group assignments. -- [ EasyVista ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/easyvista/index.md) +- [EasyVista](/docs/identitymanager/saas/integration-guide/connectors/references-packages/easyvista/index.md) Manages users inside an EasyVista instance. This package supports incremental synchronization. -- [ EasyVista Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/easyvistaticket/index.md) +- [EasyVista Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/easyvistaticket/index.md) Creates tickets inside an EasyVista instance. This package supports incremental synchronization. -- [ Excel ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/excel/index.md) +- [Excel](/docs/identitymanager/saas/integration-guide/connectors/references-packages/excel/index.md) Exports Excel data sheets. -- [ Generic LDAP ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-ldap/index.md) +- [Generic LDAP](/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-ldap/index.md) Manages entries in an LDAP compliant directory. -- [ Generic SCIM ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-scim/index.md) +- [Generic SCIM](/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-scim/index.md) Manages entities in SCIM compatible application. -- [ Generic SQL ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-sql/index.md) +- [Generic SQL](/docs/identitymanager/saas/integration-guide/connectors/references-packages/generic-sql/index.md) Exports data from a SQL database. -- [ Google Workspace ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/googleworkspace/index.md) +- [Google Workspace](/docs/identitymanager/saas/integration-guide/connectors/references-packages/googleworkspace/index.md) Manages Google Workspace entities. -- [ Home Folders ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/home-folders/index.md) +- [Home Folders](/docs/identitymanager/saas/integration-guide/connectors/references-packages/home-folders/index.md) Manages Home Folders. -- [ JSON ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/json/index.md) +- [JSON](/docs/identitymanager/saas/integration-guide/connectors/references-packages/json/index.md) Generate JSON files for each provisioning order. These JSON can then be used by custom scripts. -- [ LDIF ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/ldif/index.md) +- [LDIF](/docs/identitymanager/saas/integration-guide/connectors/references-packages/ldif/index.md) Exports entries from a LDIF file. -- [ Manual Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket/index.md) +- [Manual Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket/index.md) Opens manual provisioning tickets in Identity Manager. -- [ Manual Ticket and CUD Resources ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket-and-cud-resources/index.md) +- [Manual Ticket and CUD Resources](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket-and-cud-resources/index.md) Opens manual provisioning tickets in Identity Manager. -- [ Microsoft Entra ID ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/azure-active-directory/index.md) +- [Microsoft Entra ID](/docs/identitymanager/saas/integration-guide/connectors/references-packages/azure-active-directory/index.md) Manages users and groups in Microsoft Entra ID (formerly Microsoft Azure AD). This package supports incremental synchronization with the delta API. -- [ Microsoft Exchange ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/microsoft-exchange/index.md) +- [Microsoft Exchange](/docs/identitymanager/saas/integration-guide/connectors/references-packages/microsoft-exchange/index.md) Manages Microsoft Exchange mailboxes. This package supports incremental synchronization. -- [ MySQL ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/mysql/index.md) +- [MySQL](/docs/identitymanager/saas/integration-guide/connectors/references-packages/mysql/index.md) Export data from a MySQL database. -- [ OData ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/odata/index.md) +- [OData](/docs/identitymanager/saas/integration-guide/connectors/references-packages/odata/index.md) Manages OData entities. -- [ ODBC ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/odbc/index.md) +- [ODBC](/docs/identitymanager/saas/integration-guide/connectors/references-packages/odbc/index.md) Exports data from a generic ODBC compatible database. -- [ Open LDAP ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/open-ldap/index.md) +- [Open LDAP](/docs/identitymanager/saas/integration-guide/connectors/references-packages/open-ldap/index.md) Manages entries in Open LDAP. This package supports incremental synchronization with the sysrepl mechanism. -- [ Oracle Database ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-database/index.md) +- [Oracle Database](/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-database/index.md) Export data from an Oracle database. -- [ Oracle LDAP ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-ldap/index.md) +- [Oracle LDAP](/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-ldap/index.md) Manages entries in Oracle Internet Directory. -- [ PostgreSQL ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/postgresql/index.md) +- [PostgreSQL](/docs/identitymanager/saas/integration-guide/connectors/references-packages/postgresql/index.md) Export data from a PostgreSQL database. -- [ PowerShellProv ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/powershellprov/index.md) +- [PowerShellProv](/docs/identitymanager/saas/integration-guide/connectors/references-packages/powershellprov/index.md) Fulfills an external system with a custom PowerShell script. -- [ PowerShellSync ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/powershellsync/index.md) +- [PowerShellSync](/docs/identitymanager/saas/integration-guide/connectors/references-packages/powershellsync/index.md) Create a CSV export from a Powershell Script. -- [ RACF ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/racf/index.md) +- [RACF](/docs/identitymanager/saas/integration-guide/connectors/references-packages/racf/index.md) Exports the RACF users and profiles. -- [ Red Hat Directory Server ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/red-hat-directory-server/index.md) +- [Red Hat Directory Server](/docs/identitymanager/saas/integration-guide/connectors/references-packages/red-hat-directory-server/index.md) Manages entries in a Red Hat Directory Server. -- [ Robot Framework ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/robot-framework/index.md) +- [Robot Framework](/docs/identitymanager/saas/integration-guide/connectors/references-packages/robot-framework/index.md) Fulfills an external system using a Robot Framework script. -- [ Salesforce ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/salesforce/index.md) +- [Salesforce](/docs/identitymanager/saas/integration-guide/connectors/references-packages/salesforce/index.md) Manages Salesforce entities. -- [ SAP ASE ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sapase/index.md) +- [SAP ASE](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sapase/index.md) Exports data from a SAP ASE database. -- [ SAP ERP 6.0 ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/saperp6/index.md) +- [SAP ERP 6.0](/docs/identitymanager/saas/integration-guide/connectors/references-packages/saperp6/index.md) Manages users and roles in SAP ERP 6.0. -- [ SAP S/4 HANA ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/saphana/index.md) +- [SAP S/4 HANA](/docs/identitymanager/saas/integration-guide/connectors/references-packages/saphana/index.md) Manages users and roles in SAP S/4 HANA. -- [ ServiceNow ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow/index.md) +- [ServiceNow](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow/index.md) Manages any data in the CMDB, including users and roles. This package supports incremental synchronization. -- [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) +- [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) Opens tickets in ServiceNow for the manual provisioning. -- [ Shared Folders ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/shared-folders/index.md) +- [Shared Folders](/docs/identitymanager/saas/integration-guide/connectors/references-packages/shared-folders/index.md) Manages users and permissions in Shared Folders. -- [ SharePoint ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sharepoint/index.md) +- [SharePoint](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sharepoint/index.md) Exports sites, folders, SharePoint groups and permissions. -- [ Slack ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/slack/index.md) +- [Slack](/docs/identitymanager/saas/integration-guide/connectors/references-packages/slack/index.md) Manages Slack entities. -- [ SQL Server ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server/index.md) +- [SQL Server](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server/index.md) Export data from a SQL Server database. -- [ SQL Server Entitlements ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server-entitlements/index.md) +- [SQL Server Entitlements](/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server-entitlements/index.md) Exports SQL Server Entitlements. -- [ TSS ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/tss/index.md) +- [TSS](/docs/identitymanager/saas/integration-guide/connectors/references-packages/tss/index.md) Exports the Top Secret users and profiles. -- [ Unplugged ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/unplugged/index.md) +- [Unplugged](/docs/identitymanager/saas/integration-guide/connectors/references-packages/unplugged/index.md) Manages an unplugged system with a completely custom data model. @@ -198,10 +198,10 @@ If you are looking for the dll of a given package, be aware that you can often f Updates the Identity Manager database for each provisioning order. This package is used for HR systems, authoritative systems or other Identity Manager instances. -- [ Workday ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/workday/index.md) +- [Workday](/docs/identitymanager/saas/integration-guide/connectors/references-packages/workday/index.md) Manages users and groups in Workday. -- [ Workflow ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/workflow/index.md) +- [Workflow](/docs/identitymanager/saas/integration-guide/connectors/references-packages/workflow/index.md) Triggers workflows in Identity Manager for each provisioning order. diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-database/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-database/index.md index 4e3276c86b..f12348db3e 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-database/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-packages/oracle-database/index.md @@ -25,4 +25,7 @@ To use this package, `Oracle.ManagedDataAccess.Core` needs to be [downloaded from the Oracle website](https://www.oracle.com/database/technologies/net-downloads.html) (selecting the `ODP.NET` release) and copied to the `Runtime` folder. -**NOTE:** The DLL in the "Oracle.ManagedDataAccess" package isn't compatible with .NET 8 +:::note +The DLL in the "Oracle.ManagedDataAccess" package isn't compatible with .NET 8 + +::: diff --git a/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server-entitlements/index.md b/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server-entitlements/index.md index fc3cd5938f..363d6443da 100644 --- a/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server-entitlements/index.md +++ b/docs/identitymanager/saas/integration-guide/connectors/references-packages/sql-server-entitlements/index.md @@ -6,7 +6,7 @@ sidebar_position: 360 # SQL Server Entitlements -Exports SQL Server Entitlements +**Exports SQL Server Entitlements** | Package Characteristics | Value | | ----------------------- | ------------------------------------------ | diff --git a/docs/identitymanager/saas/integration-guide/entity-model/index.md b/docs/identitymanager/saas/integration-guide/entity-model/index.md index dca59b3954..8d7135bf24 100644 --- a/docs/identitymanager/saas/integration-guide/entity-model/index.md +++ b/docs/identitymanager/saas/integration-guide/entity-model/index.md @@ -35,29 +35,29 @@ The **metadata** of a resource is the description of the resources' shape. Using _Entity-Relationship_ vocabulary, it's a list of property names and types for a resource. The metadata is written using -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md), -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and -[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md), +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and +[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). #### Entity types Every resource is assigned an -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that describes its shape. +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that describes its shape. It's a description of the resource: it can be a managed system's resource or a real world entity such as an identity or a department. -An [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) includes: +An [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) includes: -- One or more [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +- One or more [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) - Zero or more - [ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) + [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) #### Entity properties Properties are key-value pairs, with a name and type that describes the nature of the value held by the property. They are described by -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties. +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties. There are two kind of properties: **Scalar Properties** and **Navigation Properties**. @@ -87,7 +87,7 @@ of the link. #### Entity association -An [ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +An [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) describes a link between entity types. It connects a pair of navigation properties, from two **Entity Types**. @@ -102,7 +102,7 @@ Given a navigation property A of EntityType 1, linking EntityType 1 to navigatio EntityType 2, then navigation property B is called the reverse property of navigation property A and navigation property A is called the reverse property of navigation property B. -For example, +**For example,** - The _User_ entity type has the navigational property _Positions_ (a link to **zero or more\_**Position\_ entities); @@ -128,7 +128,7 @@ named \_`InternalDisplayName___L{Index}`_ where \_Index_ reference the #### Computed property A property can be calculated from other properties. The -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression element allows the expression of a computed property. It references the property (specifying the entity type's identifier and the property's identifier) and expresses the calculation based on a given entity using the calculation [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) syntax. @@ -145,7 +145,7 @@ explicitly declared in the applicative configuration. It represents a user-friendly name for **EntityType** that is used in the UI if needed. Its value can be explicitly computed by an -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression. +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) property expression. Otherwise, a default value is automatically computed by Identity Manager using the first property of the **EntityType** where `identifier` contains the string _"name"_. If no such property is found, the first declared property of the **EntityType** is used instead. @@ -172,32 +172,32 @@ Binary property values (such as pictures or files) are stored in the UR_Resource ### Mapping Identity Manager's Entity Model also contains **a mapping** between the external data and -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties or -[](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md)[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties or +[](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md)[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). That's why entity types are organized into **connectors**. The **mapping\_**connects\_ entity types to external sources of truth. This information is provided by the -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), their -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and -[ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), their +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and +[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). To build Identity Manager resources from external data found in the managed system, the entity model provides a mapping between the external data (often in the form of CSV files, see -[ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md)) and entity +[Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md)) and entity properties. This information is provided by the -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), their -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)and -[ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), their +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)and +[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). Every -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)maps a -CSV column to a scalar [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)maps a +CSV column to a scalar [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). Every -[ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) maps a CSV column to a navigation -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). #### Format @@ -217,9 +217,9 @@ something readable by the external system. ![Export and Fulfill Data transformation](/img/product_docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/entitypropertymapping-format-flowchart.webp) The format used in the external system can be provided through the -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) using +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) using the -[ References: Format for the EntityPropertyMapping ](/docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/index.md) +[References: Format for the EntityPropertyMapping](/docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/index.md) attribute to help Identity Manager to convert data appropriately. If the field in the external system is not forced to a specific value type, but is free-form @@ -230,7 +230,7 @@ external system. #### Primary key When writing an -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), one of +[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md), one of the _scalar properties_ should be chosen as primary key. This property will be used by Identity Manager to [uniquely identify a resource](https://en.wikipedia.org/wiki/Primary_key). It is hence crucial to choose carefully as many of Identity Manager's processes and optimizations depend on this @@ -245,7 +245,7 @@ the database. The views are useful to understand how Identity Manager works or configuration. SQL Views are built by the -[ Create Database Views Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md). +[Create Database Views Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md). SQL Views created by this tool are identified in the database by a `zz_` prefix. diff --git a/docs/identitymanager/saas/integration-guide/executables/references/anonymize/index.md b/docs/identitymanager/saas/integration-guide/executables/references/anonymize/index.md index ac6c1400ee..dae1ebec04 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/anonymize/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/anonymize/index.md @@ -76,7 +76,7 @@ The following command outputs the anonymized data in STDOUT. ``` -./identitymanager-Anonymize.exe -n C:/Projects/identitymanager/Documentation/exampleSources/Anonymizer/users.csv -s "," --columns first_name,last_name,mail:email,number:phone +**./identitymanager-Anonymize.exe -n C:/Projects/identitymanager/Documentation/exampleSources/Anonymizer/users.csv -s "," --columns first_name,last_name,mail:email,number:phone** ``` diff --git a/docs/identitymanager/saas/integration-guide/executables/references/compute-correlationkeys/index.md b/docs/identitymanager/saas/integration-guide/executables/references/compute-correlationkeys/index.md index f26884b2da..823ab35aa5 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/compute-correlationkeys/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/compute-correlationkeys/index.md @@ -15,7 +15,7 @@ string, for all entity types. ``` -./identitymanager-Compute-CorrelationKeys.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a +**./identitymanager-Compute-CorrelationKeys.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a** ``` diff --git a/docs/identitymanager/saas/integration-guide/executables/references/configuration-transform/index.md b/docs/identitymanager/saas/integration-guide/executables/references/configuration-transform/index.md index 9babdaa02c..052b31bde3 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/configuration-transform/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/configuration-transform/index.md @@ -21,11 +21,11 @@ The resulting files are saved in `C:/identitymanagerDemo/ConfTransformed`. ``` -./identitymanager-Configuration-Transform.exe --input "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/ConfTransformed" --transformation-file "C:/identitymanagerDemo/transformations.json" +**./identitymanager-Configuration-Transform.exe --input "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/ConfTransformed" --transformation-file "C:/identitymanagerDemo/transformations.json"** ``` -transformations.json +**transformations.json** ```json { diff --git a/docs/identitymanager/saas/integration-guide/executables/references/create-databaseviews/index.md b/docs/identitymanager/saas/integration-guide/executables/references/create-databaseviews/index.md index 18960f9f18..1157d6db20 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/create-databaseviews/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/create-databaseviews/index.md @@ -31,8 +31,8 @@ Identity Manager's database. | --progress-use-api optional | **Type** String **Description** Update progress with the API. | | | | | --- | --- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/saas/integration-guide/executables/references/decrypt-file/index.md b/docs/identitymanager/saas/integration-guide/executables/references/decrypt-file/index.md index 49f51a9e0f..509f88e3c4 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/decrypt-file/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/decrypt-file/index.md @@ -19,7 +19,7 @@ using the agent side certificate defined in the agent's `appsettings.json`. ``` -$decryptFile = & ./identitymanager-Decrypt-File.exe --files $ordersFile +**$decryptFile = & ./identitymanager-Decrypt-File.exe --files $ordersFile** ``` diff --git a/docs/identitymanager/saas/integration-guide/executables/references/deploy-configuration/index.md b/docs/identitymanager/saas/integration-guide/executables/references/deploy-configuration/index.md index abb3dd624b..b29e9fdf9c 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/deploy-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/deploy-configuration/index.md @@ -11,7 +11,7 @@ items to insert, update or delete in the application. ## Examples -Locally +**Locally** The following example deploys an on-premise configuration via a direct connection to the database through its connection string: @@ -23,7 +23,7 @@ script in the command line. ./identitymanager-Deploy-Configuration.exe -d "C:/identitymanager/Conf" --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" ``` -Remotely +**Remotely** The following example deploys a SaaS configuration via an HTTP POST request to the server of the remote configuration: @@ -35,10 +35,13 @@ script in the command line. ./identitymanager-Deploy-Configuration.exe -d "C:/identitymanager/Conf" --api-url https://my_usercube_instance.com ``` -**_RECOMMENDED:_** To be able to deploy a SaaS configuration, you must first provide your Identity +:::info +To be able to deploy a SaaS configuration, you must first provide your Identity Manager administrator with identity information. See the -[ Deploy the Configuration ](/docs/identitymanager/saas/integration-guide/toolkit/deploy-configuration/index.md) topic for +[Deploy the Configuration](/docs/identitymanager/saas/integration-guide/toolkit/deploy-configuration/index.md) topic for additional information. +::: + ## Arguments diff --git a/docs/identitymanager/saas/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md b/docs/identitymanager/saas/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md index 52fee4a5ad..35ec83a0a9 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md @@ -46,8 +46,8 @@ set the fulfillment state of the corresponding assigned resource types. | Argument Name | Details | | ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an[ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an[OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md b/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md index cff0a06421..2283008ff5 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md @@ -76,13 +76,13 @@ remote configuration: ``` -./identitymanager-Export-Configuration.exe -d "C:/identitymanager/ExportedConf" --api-url https://my_usercube_instance.com +**./identitymanager-Export-Configuration.exe -d "C:/identitymanager/ExportedConf" --api-url https://my_usercube_instance.com** ``` To be able to export a SaaS configuration, you must first provide your Identity Manager administrator with identity information. See the -[ Export the Configuration ](/docs/identitymanager/saas/integration-guide/toolkit/export-configuration/index.md) topic for +[Export the Configuration](/docs/identitymanager/saas/integration-guide/toolkit/export-configuration/index.md) topic for additional information. ### Basic export for a change of environment diff --git a/docs/identitymanager/saas/integration-guide/executables/references/fulfill-easyvista/index.md b/docs/identitymanager/saas/integration-guide/executables/references/fulfill-easyvista/index.md index e39dcb1195..7333e5ee3f 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/fulfill-easyvista/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/fulfill-easyvista/index.md @@ -34,8 +34,8 @@ But the identifiers can be also given instead of the id: | Argument Name | Details | | ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/saas/integration-guide/executables/references/fulfill-scim/index.md b/docs/identitymanager/saas/integration-guide/executables/references/fulfill-scim/index.md index ea50e44f35..8afe89c4b2 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/fulfill-scim/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/fulfill-scim/index.md @@ -34,8 +34,8 @@ But the identifiers can be also given instead of the id: | Argument Name | Details | | -------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/saas/integration-guide/executables/references/fulfill-toeasyvistaticket/index.md b/docs/identitymanager/saas/integration-guide/executables/references/fulfill-toeasyvistaticket/index.md index 98dc5c99bd..6e9b8b018e 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/fulfill-toeasyvistaticket/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/fulfill-toeasyvistaticket/index.md @@ -34,8 +34,8 @@ But the identifiers can be also given instead of the id: | Argument Name | Details | | ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/saas/integration-guide/executables/references/generate-configuration/index.md b/docs/identitymanager/saas/integration-guide/executables/references/generate-configuration/index.md index 7e8807da4b..a29c3bb194 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/generate-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/generate-configuration/index.md @@ -31,7 +31,7 @@ From a list of CSV files, generates the configuration of the entities representi complex connector requires as an argument an xml file containing all the CSV files to be processed as well as the primary keys of these files. -Example of xml file +**Example of xml file** ``` @@ -54,7 +54,7 @@ Example of xml file ``` -./identitymanager-Generate-Configuration.exe simpleconnector -g "C:/GeneratedFile/file" -f "C:/SourceFile/confFile.csv" +**./identitymanager-Generate-Configuration.exe simpleconnector -g "C:/GeneratedFile/file" -f "C:/SourceFile/confFile.csv"** ``` @@ -62,7 +62,7 @@ Example of xml file ``` -./identitymanager-Generate-Configuration.exe complexconnector -g "C:/GeneratedFile/file" "C:/SourceFile/confFile.xml" +**./identitymanager-Generate-Configuration.exe complexconnector -g "C:/GeneratedFile/file" "C:/SourceFile/confFile.xml"** ``` diff --git a/docs/identitymanager/saas/integration-guide/executables/references/index.md b/docs/identitymanager/saas/integration-guide/executables/references/index.md index cee0dfcaf6..6ffe646468 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/index.md @@ -14,23 +14,23 @@ sidebar_position: 10 Transforms strings to anonymize given data. -- [ Usercube-Compute-CorrelationKeys ](/docs/identitymanager/saas/integration-guide/executables/references/compute-correlationkeys/index.md) +- [Usercube-Compute-CorrelationKeys](/docs/identitymanager/saas/integration-guide/executables/references/compute-correlationkeys/index.md) Computes the values of all correlation keys. -- [ Usercube-Configuration-Transform ](/docs/identitymanager/saas/integration-guide/executables/references/configuration-transform/index.md) +- [Usercube-Configuration-Transform](/docs/identitymanager/saas/integration-guide/executables/references/configuration-transform/index.md) Applies a series of transformation. -- [ Usercube-Create-DatabaseViews ](/docs/identitymanager/saas/integration-guide/executables/references/create-databaseviews/index.md) +- [Usercube-Create-DatabaseViews](/docs/identitymanager/saas/integration-guide/executables/references/create-databaseviews/index.md) Generates entity model SQL views in the Identity Manager database. -- [ Usercube-CSV-Transform ](/docs/identitymanager/saas/integration-guide/executables/references/csv-transform/index.md) +- [Usercube-CSV-Transform](/docs/identitymanager/saas/integration-guide/executables/references/csv-transform/index.md) Modifies a CSV file by performing operations on its headers and/or columns. -- [ Usercube-Decrypt-File ](/docs/identitymanager/saas/integration-guide/executables/references/decrypt-file/index.md) +- [Usercube-Decrypt-File](/docs/identitymanager/saas/integration-guide/executables/references/decrypt-file/index.md) Decrypts an input file to save it into an output file or an OutPutConsole that can be used in Powershell scripts or programs. @@ -40,11 +40,11 @@ sidebar_position: 10 Retrieves all XML configuration files from a given folder, in order to calculate the configuration items to insert, update or delete in the application. -- [ Usercube-EasyVistaTicket-UpdateFulfillmentState ](/docs/identitymanager/saas/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md) +- [Usercube-EasyVistaTicket-UpdateFulfillmentState](/docs/identitymanager/saas/integration-guide/executables/references/easyvistaticket-updatefulfillmentstate/index.md) Updates the assigned resource types according to EasyVista tickets state. -- [ Usercube-Encrypt-File ](/docs/identitymanager/saas/integration-guide/executables/references/encrypt-file/index.md) +- [Usercube-Encrypt-File](/docs/identitymanager/saas/integration-guide/executables/references/encrypt-file/index.md) Encrypts an input file or the InputConsole of a Powershell program or file to save it as an encrypted output file. @@ -53,7 +53,7 @@ sidebar_position: 10 Exports the database to a bacpac file. -- [ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) +- [Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) Generates in a folder the files of the configuration found in the database. @@ -61,7 +61,7 @@ sidebar_position: 10 Exports CSV files. -- [ Usercube-Export-EasyVista ](/docs/identitymanager/saas/integration-guide/executables/references/export-easyvista/index.md) +- [Usercube-Export-EasyVista](/docs/identitymanager/saas/integration-guide/executables/references/export-easyvista/index.md) Exports CSV files. @@ -77,7 +77,7 @@ sidebar_position: 10 Fills the `BankingSystem` database for the Banking demo application. -- [ Usercube-Fulfill-EasyVista ](/docs/identitymanager/saas/integration-guide/executables/references/fulfill-easyvista/index.md) +- [Usercube-Fulfill-EasyVista](/docs/identitymanager/saas/integration-guide/executables/references/fulfill-easyvista/index.md) Creates, updates and archives employees in an EasyVista instance. @@ -93,23 +93,23 @@ sidebar_position: 10 Generates from a CSV file the configuration of a connector with these entities. -- [ Usercube-Get-JobSteps ](/docs/identitymanager/saas/integration-guide/executables/references/get-jobsteps/index.md) +- [Usercube-Get-JobSteps](/docs/identitymanager/saas/integration-guide/executables/references/get-jobsteps/index.md) Returns the list of all tasks present in a given job. -- [ Usercube-Invoke-Job ](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) +- [Usercube-Invoke-Job](/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md) Launches a job on the agent side. -- [ Usercube-Invoke-ServerJob ](/docs/identitymanager/saas/integration-guide/executables/references/invoke-serverjob/index.md) +- [Usercube-Invoke-ServerJob](/docs/identitymanager/saas/integration-guide/executables/references/invoke-serverjob/index.md) Launches jobs on the server side. -- [ Usercube-Login ](/docs/identitymanager/saas/integration-guide/executables/references/login/index.md) +- [Usercube-Login](/docs/identitymanager/saas/integration-guide/executables/references/login/index.md) Provides an authentication token needed for SaaS configuration deployment/export. -- [ Usercube-Manage-Configuration Dependent Indexes ](/docs/identitymanager/saas/integration-guide/executables/references/manage-configurationdependantindexes/index.md) +- [Usercube-Manage-Configuration Dependent Indexes](/docs/identitymanager/saas/integration-guide/executables/references/manage-configurationdependantindexes/index.md) Creates the necessary indexes based on the latest deployed configuration to optimize performances. @@ -119,32 +119,32 @@ sidebar_position: 10 Manages the data history stored in the database. It can purge old data or consolidate the history. -- [ Usercube-New-OpenIDSecret ](/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md) +- [Usercube-New-OpenIDSecret](/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md) Allows to generate the hashed password of the secret to connect to the given client for agent side job Identity Manager. -- [ Usercube-PasswordGenerator ](/docs/identitymanager/saas/integration-guide/executables/references/passwordgenerator/index.md) +- [Usercube-PasswordGenerator](/docs/identitymanager/saas/integration-guide/executables/references/passwordgenerator/index.md) Generates a password. -- [ Usercube-Prepare-Synchronization ](/docs/identitymanager/saas/integration-guide/executables/references/prepare-synchronization/index.md) +- [Usercube-Prepare-Synchronization](/docs/identitymanager/saas/integration-guide/executables/references/prepare-synchronization/index.md) Cleanses exported CSV files. -- [ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) +- [Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) Encrypts a .pfx archive password using a Identity Manager provided RSA key. -- [ Usercube-Protect-X509JsonFile ](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md) +- [Usercube-Protect-X509JsonFile](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md) Encrypts sensitive data from a given JSON file. -- [ Usercube-Protect-X509JsonValue ](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md) +- [Usercube-Protect-X509JsonValue](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md) Encrypts the values of sensitive data. -- [ Usercube-RefreshSchema ](/docs/identitymanager/saas/integration-guide/executables/references/refreshschema/index.md) +- [Usercube-RefreshSchema](/docs/identitymanager/saas/integration-guide/executables/references/refreshschema/index.md) Refreshes the schema of a given connection. Takes as input a connection, and refreshes its schema. The result of the update is stored into the database. diff --git a/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md b/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md index f659a956e4..b7ae256cce 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/invoke-job/index.md @@ -18,12 +18,12 @@ When a job is launched, the state machine starts by computing all the tasks that the job. Each task is assigned a launch order which can be configured in -[ Job ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) steps. All the job's tasks are grouped +[Job](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) steps. All the job's tasks are grouped together according to their launch order, and they are launched by group. Such task grouping allows the job to be faster executed. The launch orders of all the tasks of a job can be listed by using the -[ Usercube-Get-JobSteps ](/docs/identitymanager/saas/integration-guide/executables/references/get-jobsteps/index.md) executable. +[Usercube-Get-JobSteps](/docs/identitymanager/saas/integration-guide/executables/references/get-jobsteps/index.md) executable. Before any task is launched, the state machine checks the task's parent tasks in order to verify whether the task must be launched or not. @@ -53,7 +53,7 @@ Then the task is launched, and then: In the case where the job is blocked and restarted: - if the blocked task is a - [ Synchronize Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md), + [Synchronize Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md), then the state machine runs a synchronization validation on the related connector, and uses the id of the blocked task instance to synchronize the related tables; - if the blocked task is a @@ -94,6 +94,6 @@ launch group. | --task-string-contains (-s) optional | **Type** String **Description** Launches all tasks with an identifier containing the given value. | | | | | --- | --- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect /Secret pair/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | diff --git a/docs/identitymanager/saas/integration-guide/executables/references/invoke-serverjob/index.md b/docs/identitymanager/saas/integration-guide/executables/references/invoke-serverjob/index.md index fdc922cf0e..7f8559e950 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/invoke-serverjob/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/invoke-serverjob/index.md @@ -12,13 +12,13 @@ To launch the job in the Server side only you need to run the executable Usercube-Invoke-ServerJob.exe. To know the task launch orders in job use the following exe: Usercube-Get-Job Steps .exe. See the -[ Usercube-Get-JobSteps ](/docs/identitymanager/saas/integration-guide/executables/references/get-jobsteps/index.md) topic for additional information. +[Usercube-Get-JobSteps](/docs/identitymanager/saas/integration-guide/executables/references/get-jobsteps/index.md) topic for additional information. ## Examples ``` -.\Usercube-Invoke-ServerJob.exe -g "CleanDatabase" -s secret +**.\Usercube-Invoke-ServerJob.exe -g "CleanDatabase" -s secret** ``` diff --git a/docs/identitymanager/saas/integration-guide/executables/references/login/index.md b/docs/identitymanager/saas/integration-guide/executables/references/login/index.md index e94876e771..6a8e88f94a 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/login/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/login/index.md @@ -20,7 +20,7 @@ Identity Manager's IDP that will provide you with the authentication token. ``` -./identitymanager-Login.exe +**./identitymanager-Login.exe** ``` @@ -31,7 +31,7 @@ redirected to the IDP that will provide you with the authentication token. ``` -./identitymanager-Login.exe --authority https://my_oidc_authentication_server.com --client-id 34b3c-fb45da-3ed32 +**./identitymanager-Login.exe --authority https://my_oidc_authentication_server.com --client-id 34b3c-fb45da-3ed32** ``` @@ -41,7 +41,7 @@ be redirected to Identity Manager's IDP. that will provide you with the authenti ``` -./identitymanager-Login.exe --port 5050 +**./identitymanager-Login.exe --port 5050** ``` diff --git a/docs/identitymanager/saas/integration-guide/executables/references/manage-history/index.md b/docs/identitymanager/saas/integration-guide/executables/references/manage-history/index.md index 85075e66ab..522f637562 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/manage-history/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/manage-history/index.md @@ -17,7 +17,7 @@ which are the tables actually purged: `ur_resources`; `ur_resourcelinks`; ## Examples -Purge before a period +**Purge before a period** To clean the database periodically, it can be purged of all the history older than a given period of time. @@ -31,7 +31,7 @@ script in the command line. ./identitymanager-Manage-History.exe --purge-before-months 12 --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" ``` -Purge before a date +**Purge before a date** The database can be purged of all history older than a given date. @@ -44,7 +44,7 @@ script in the command line. ./identitymanager-Manage-History.exe --purge-before-date 19930526 --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" ``` -Optimize +**Optimize** The database's history can be optimized by removing intermediate versions based on their age, for example keeping only one version the last week, one per month the last 6 months and then one per @@ -78,7 +78,7 @@ you can specify a short duration that allows a single change, for example only o following example copies the previous one, in addition we want to keep all changes of the last 6 hours (360 minutes): `--optimize 1:360 1440:7 43920:6 525960:2`. -Clean duplicates +**Clean duplicates** As given data can have several versions in the database, redundant rows can be deleted and replaced with one row that covers the consolidated time range. @@ -90,7 +90,7 @@ script in the command line. ``` -./identitymanager-Manage-History.exe --clean-duplicates --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;" +**./identitymanager-Manage-History.exe --clean-duplicates --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;"** ``` @@ -105,7 +105,7 @@ script in the command line. ``` -Solicit memory rather than the database +**Solicit memory rather than the database** To reduce the database load, the tool's optimizations can be made via the local device's memory. diff --git a/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md b/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md index c153d4df7c..67f047b7ec 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md @@ -20,9 +20,7 @@ Usercube-New-OpenIDSecret.exe'. ```` -The output shows the client secret and its hashed version. It must be entered in the [ -OpenIdClient -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) configuration. +The output shows the client secret and its hashed version. It must be entered in the [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) configuration. ## Arguments diff --git a/docs/identitymanager/saas/integration-guide/executables/references/prepare-synchronization/index.md b/docs/identitymanager/saas/integration-guide/executables/references/prepare-synchronization/index.md index 944450496f..7d17cf03e0 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/prepare-synchronization/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/prepare-synchronization/index.md @@ -22,9 +22,9 @@ topic for additional information. The following actions are performed on the _CSV source files_: 1. Remove columns that are not used in - [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) + [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or - [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). + [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). 2. Remove entries that have a null primary key. 3. Remove duplicates. 4. Sort entries according to the primary key. @@ -34,9 +34,9 @@ The result of the _Prepare-Synchronization_ is stored in the as three files: - For every entity type of the relevant _Connector_ involved in an - [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) + [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or an - [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), + [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), a `.sorted.csv` file is generated, containing the final, cleansed and sorted result. - Duplicates are kept in a separate `.duplicates.csv` file. - Null primary key entries are kept in a separate `.nullpk.csv` file. @@ -126,15 +126,15 @@ and _manager_). | Name | Details | | ----------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --agent required | **Type** [ Agent ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) **Description** Identifier of the agent where the task runs. | -| --connector required | **Type** [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) **Description** Identifier of the linked connector. The task is linked to a connector whose entity types are synchronized. | -| --synchronization-mode required | **Type** [ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md)Mode **Description** Synchronization mode for this task can be one of the following: - Initial - Complete - Incremental This must be the same as the associated Export and Synchronize tasks. Use _initial_ if this is the first time the target managed system is synchronized. Use _complete_ to load the data from the managed system as a whole. Use _incremental_ to consider only incremental changes from the last synchronization. In _incremental_ mode, the Prepare-Synchronization task computes changes in the source managed system since the last _Prepare-Synchronization_. | +| --agent required | **Type** [Agent](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) **Description** Identifier of the agent where the task runs. | +| --connector required | **Type** [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) **Description** Identifier of the linked connector. The task is linked to a connector whose entity types are synchronized. | +| --synchronization-mode required | **Type** [Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md)Mode **Description** Synchronization mode for this task can be one of the following: - Initial - Complete - Incremental This must be the same as the associated Export and Synchronize tasks. Use _initial_ if this is the first time the target managed system is synchronized. Use _complete_ to load the data from the managed system as a whole. Use _incremental_ to consider only incremental changes from the last synchronization. In _incremental_ mode, the Prepare-Synchronization task computes changes in the source managed system since the last _Prepare-Synchronization_. | | --sources-directory default value: ExportOutput | **Type** String **Description** Directory path, relative to temp folder, from which export files to cleanse are read. See the [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topic for additional information | | --working-directory default value: Collect | **Type** String **Description** The directory path, relative to work folder, to which intermediary and cleansed files are stored. See the [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topic for additional information | | | | | --- | --- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an OpenID Connect ClientId/Secret pair, linked to a profile with the relevant permissions. See the [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an OpenID Connect ClientId/Secret pair, linked to a profile with the relevant permissions. See the [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an OpenID Connect ClientId/Secret pair, linked to a profile with the relevant permissions. See the [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an OpenID Connect ClientId/Secret pair, linked to a profile with the relevant permissions. See the [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md b/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md index f51f5335d1..48b5a49ef3 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md @@ -24,7 +24,7 @@ The output is the following : ``` -ep4BsLtg5RVFVI1kEIMZbV1q7Bg2eAFzeD73YX5fV7eklSIqcJcxHsCQbyY2zKLppXSX+Zpwm7xU5QY6DTAJleFbWsP/p0fjXUn1agy1tQ6l6t6wvURBZcePEgu+ivNjpUENbDIBotPdzbpISLJIjQbISzHDWnHuWPk/l8h0wXU=@WrAj9YdcNK8cQvfopZa5g1QFc1hk6nPolkwQAkU2ORfXupgV7kaWgKF4W/UmC0XXg4zuaqpVui6ivB0jbLTiXgQ62o+bG9ZSEJLaur4d20TMRNadqnWTWPWhVJF6XiS4jX7sDvVrZO3sKQJMNzZSeTKmsl0w0boCBEkuHsWDA24=@0oLLKxcTJGxSx1uGvhexEA== +**ep4BsLtg5RVFVI1kEIMZbV1q7Bg2eAFzeD73YX5fV7eklSIqcJcxHsCQbyY2zKLppXSX+Zpwm7xU5QY6DTAJleFbWsP/p0fjXUn1agy1tQ6l6t6wvURBZcePEgu+ivNjpUENbDIBotPdzbpISLJIjQbISzHDWnHuWPk/l8h0wXU=@WrAj9YdcNK8cQvfopZa5g1QFc1hk6nPolkwQAkU2ORfXupgV7kaWgKF4W/UmC0XXg4zuaqpVui6ivB0jbLTiXgQ62o+bG9ZSEJLaur4d20TMRNadqnWTWPWhVJF6XiS4jX7sDvVrZO3sKQJMNzZSeTKmsl0w0boCBEkuHsWDA24=@0oLLKxcTJGxSx1uGvhexEA==** ``` diff --git a/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md b/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md index daf9862eb7..5638b186ee 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md @@ -8,14 +8,14 @@ sidebar_position: 310 This tool is used to encrypt a JSON file containing sensitive connection data, for example the `appsettings-agent.json` file, with -[ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md). The +[RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md). The encryption is based on the information given in your `appsettings.json` file about either a PFX file or the location of the encryption certificate in the Microsoft store. See the [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topic for additional information. This tool `Usercube-Protect-X509JsonFile` is used to encrypt a whole file, in comparison to the -[ Usercube-Protect-X509JsonValue ](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md) tool that encrypts only a +[Usercube-Protect-X509JsonValue](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md) tool that encrypts only a given value. This tool is more appropriate than `Usercube-Protect-X509JsonValue` when you have many lines to encrypt. @@ -26,7 +26,7 @@ and creates the `appsettings.encrypted.agent.json` file in the same folder. ``` -./identitymanager-Protect-X509JsonFile.exe --input-json-file-path "C:/identitymanagerTraining/appsettings.agent.json" --output-json-file-path "C:/identitymanagerTraining/appsettings.encrypted.agent.json" +**./identitymanager-Protect-X509JsonFile.exe --input-json-file-path "C:/identitymanagerTraining/appsettings.agent.json" --output-json-file-path "C:/identitymanagerTraining/appsettings.encrypted.agent.json"** ``` @@ -51,9 +51,7 @@ appsettings.agent.json "ApplicationUri": "http://localhost:3000" }, "NotificationSettings": { - "Cultures": [ - "en" - ] + "Cultures": ["en"] } }, ... @@ -81,9 +79,7 @@ appsettings.encrypted.agent.json "ApplicationUri": "kxABAFAEx4fWwG/ANPVTf/WGyccDxoR2xCy+x+U3Ny1KkqnOFw+SizePTgINTzBaYHLTHABQD0GWW6U+4qiG6DpcIcdAD0VVnddqB5a+YIE0reufXYhZTrDU/9yeG6aUWIHkLl9UudC/nnW6zMrjChiJhJvT7csFKdgbqUazZT56hR0i6XS36a5h2/tTWhbZTkk1Dil5JP7xUcu5CMWyXMUvGvK8gfQozYxo/DJTOiLrWjg5ION1yx+ZqPhcIUxgYaBjxSpfT6U9YMy5mE9JGqf7W76baS9fOVr3H1DAL02icX29uJAcsw1r9k1rJQIKEhAuqTNeuqF6C6iPHJAsail+iteOJEYgBSACRz7Te4t6Hp7PBs0FfP0WY1oL+1T+p7X+HaO1jAJhE50J2AKhGNXTZfE=" }, "NotificationSettings": { - "Cultures": [ - "kxABAPwTbpFUbP9xT9HyqtTuMLKT9sVD0Qq1kCsI44d12vJEcW2MMy9K5vKakwTPeJpvY6SafELoHc7AjKnh8ZJi0/Yu4dieE5W+5uXY1uaghYJ/2VjimzIsDhvRhm90xUlaMjdFBjx4HAnxBAtEbEjifdGHxZ0L9F305hXSTORj53u76ctCE5D9HPTN3AgLmyIGv5NExwhD4sgppbf6PWjTEZ7yNcoUpkkS4pJ6BMz+PaQo26A2rMP710zQgG72an4XvxSoR3SwSm0fhLCASgYi8YOZw0j/cfxl/LrW1EQ7gyW0/Mw9v1YRNH3DkbWSeHZ3odhDWdaWkzR6yOEt5hO60eM0w8Tjoed30Jwf+enf1rJFStDe/dhg6vjUIaTn6tt1Gw==" - ] + "Cultures": ["kxABAPwTbpFUbP9xT9HyqtTuMLKT9sVD0Qq1kCsI44d12vJEcW2MMy9K5vKakwTPeJpvY6SafELoHc7AjKnh8ZJi0/Yu4dieE5W+5uXY1uaghYJ/2VjimzIsDhvRhm90xUlaMjdFBjx4HAnxBAtEbEjifdGHxZ0L9F305hXSTORj53u76ctCE5D9HPTN3AgLmyIGv5NExwhD4sgppbf6PWjTEZ7yNcoUpkkS4pJ6BMz+PaQo26A2rMP710zQgG72an4XvxSoR3SwSm0fhLCASgYi8YOZw0j/cfxl/LrW1EQ7gyW0/Mw9v1YRNH3DkbWSeHZ3odhDWdaWkzR6yOEt5hO60eM0w8Tjoed30Jwf+enf1rJFStDe/dhg6vjUIaTn6tt1Gw=="] } }, ... @@ -98,7 +94,7 @@ The login to encrypt is stored in the following format, compliant with the [appsettings.agent](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md).json structure: -appsettings.beforeEncryption.json +**appsettings.beforeEncryption.json** ``` diff --git a/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md b/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md index 6529c756ff..8a0d8e5c9a 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md @@ -8,7 +8,7 @@ sidebar_position: 320 This tool is used to encrypt sensitive connection data, for example data from the `appsettings.agent.json` file, with -[ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md). The +[RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md). The encryption is based on the information given in your `appsettings.json` file about either a PFX file or the location of the encryption certificate in the Microsoft store. See the [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md) @@ -25,7 +25,7 @@ the `appsettings.agent.json` file. ``` -./identitymanager-Protect-X509JsonValue.exe --values "0" "secret" +**./identitymanager-Protect-X509JsonValue.exe --values "0" "secret"** ``` @@ -72,7 +72,7 @@ The output, in the console, shows the encrypted value for the _charlotte2028_ st ``` -kxABABJR7wYaQIqNjHT/rhYVMp5Vmsao7/eBLb7JCIiHMOKbi2sC0dY0SAJgj50NQ0kEH5LS3Y3TYso98+IdnxAzpURrtNu/LUWCJo1kTLM/taygebc0MK4XbkFmWzEgzLcVhAIy8GyFgEWqgNhOx7vwSPXFRrhQTVqIjwO0QNqxlZ5s6uyQm5fk9es2o6aLL0xwbvqspReFxZwuHrguAoIvkBnaKSsDfTLSuheP6VN7yOglLHvZ8Sn9R42M2BpG/dKIHXG6i1LkxkKoVKS9gFO7Hx8VUmYgxG+qIKTRVHdpMctqWKNUJTsQkmRKs+S3qiA2mgK/iC/dp923TfigAnBLWtyXw8eKDJjZ+s6n878BIf55iEjpgOrbm5FLzj8dfqPhQw== +**kxABABJR7wYaQIqNjHT/rhYVMp5Vmsao7/eBLb7JCIiHMOKbi2sC0dY0SAJgj50NQ0kEH5LS3Y3TYso98+IdnxAzpURrtNu/LUWCJo1kTLM/taygebc0MK4XbkFmWzEgzLcVhAIy8GyFgEWqgNhOx7vwSPXFRrhQTVqIjwO0QNqxlZ5s6uyQm5fk9es2o6aLL0xwbvqspReFxZwuHrguAoIvkBnaKSsDfTLSuheP6VN7yOglLHvZ8Sn9R42M2BpG/dKIHXG6i1LkxkKoVKS9gFO7Hx8VUmYgxG+qIKTRVHdpMctqWKNUJTsQkmRKs+S3qiA2mgK/iC/dp923TfigAnBLWtyXw8eKDJjZ+s6n878BIf55iEjpgOrbm5FLzj8dfqPhQw==** ``` diff --git a/docs/identitymanager/saas/integration-guide/executables/references/refreshschema/index.md b/docs/identitymanager/saas/integration-guide/executables/references/refreshschema/index.md index 0603fbb1ee..34c867595c 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/refreshschema/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/refreshschema/index.md @@ -22,11 +22,11 @@ The credentials used to connect to the connection come from the | Name | Details | | -------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| --connection-id \*required | **Type** Integer **Description** Id of a connection whose schemas are updated. See the [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. | +| --connection-id \*required | **Type** Integer **Description** Id of a connection whose schemas are updated. See the [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topic for additional information. | | | | | --- | --- | -| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | -| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-client-id required | **Type** String **Description** Login used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | +| --api-secret required | **Type** String **Description** Password used to authenticate to the server. Every request from agent to server needs to be authenticated with an [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) Connect ClientId/Secret pair, linked to a profile with the relevant permissions. | | --api-url required | **Type** String **Description** URL of Identity Manager server. | | | | | --- | --- | diff --git a/docs/identitymanager/saas/integration-guide/executables/references/send-passwordnotification/index.md b/docs/identitymanager/saas/integration-guide/executables/references/send-passwordnotification/index.md index cb594c13d6..839da104e3 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/send-passwordnotification/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/send-passwordnotification/index.md @@ -27,7 +27,7 @@ For the notification to be sent, the server set at **appsettings** > **Applicati running. The [Resource Type Mappings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/index.md) should have an associated -[ Password Reset Settings ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md). +[Password Reset Settings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md). For the notification to be sent, the password reset settings should at least contain a notified email binding. diff --git a/docs/identitymanager/saas/integration-guide/executables/references/update-entitypropertyexpressions/index.md b/docs/identitymanager/saas/integration-guide/executables/references/update-entitypropertyexpressions/index.md index 628f63d34e..00c7b2ea6c 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/update-entitypropertyexpressions/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/update-entitypropertyexpressions/index.md @@ -16,7 +16,7 @@ string, for all entity types. ``` -./identitymanager-Update-EntityPropertyExpressions.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a +**./identitymanager-Update-EntityPropertyExpressions.exe --database-connection-string "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false" -a** ``` @@ -35,7 +35,7 @@ string, for all entity types. | --batch-size (-q) default value: 5000 | **Type** Int32 **Description** Batch size for queries. [See more details](https://docs.microsoft.com/en-us/azure/azure-sql/performance-improve-use-batching). | | --dirty optional | **Type** No Value **Description** Applies the tool incrementally by applying it only to resources marked as dirty, i.e. recently modified. | | --entitytype-list optional | **Type** String List **Description** List of entity types that the tool is to be applied to. **Note:** required when `--all-entityType` is not specified. | -| --resource-identity-property optional | **Type** String **Description** Property used to override the resource identity property set in the [ Select User by Identity Query Handler Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md). | +| --resource-identity-property optional | **Type** String **Description** Property used to override the resource identity property set in the [Select User by Identity Query Handler Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md). | | | | | --- | --- | | --log-level optional | **Type** LogLevel **Description** Level of log information among: `Verbose`; `Debug`; `Information`; `Warning`; `Error`; `Fatal`. | diff --git a/docs/identitymanager/saas/integration-guide/executables/references/upgrade-configurationversion/index.md b/docs/identitymanager/saas/integration-guide/executables/references/upgrade-configurationversion/index.md index 144110c6f2..be665c82a5 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/upgrade-configurationversion/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/upgrade-configurationversion/index.md @@ -13,7 +13,7 @@ latest version. ``` -./identitymanager-Upgrade-ConfigurationVersion.exe --version "5.1.0" --xml-path "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/Conf2" +**./identitymanager-Upgrade-ConfigurationVersion.exe --version "5.1.0" --xml-path "C:/identitymanagerDemo/Conf" --output "C:/identitymanagerDemo/Conf2"** ``` diff --git a/docs/identitymanager/saas/integration-guide/executables/references/upgrade-databaseversion/index.md b/docs/identitymanager/saas/integration-guide/executables/references/upgrade-databaseversion/index.md index 88722321fd..1747848dff 100644 --- a/docs/identitymanager/saas/integration-guide/executables/references/upgrade-databaseversion/index.md +++ b/docs/identitymanager/saas/integration-guide/executables/references/upgrade-databaseversion/index.md @@ -16,7 +16,7 @@ folder of the newest version and launch the tool with the following argument: ``` -./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" +**./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString"** ``` @@ -30,7 +30,7 @@ The following example runs the database upgrade tool only for backward compatibl ``` -./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges +**./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges** ``` @@ -42,7 +42,7 @@ useful only when specifying `--mode BackwardCompatibleChanges`. ``` -./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges --execute-predefined +**./identitymanager-Upgrade-DatabaseVersion.exe --connection-string "databaseConnectionString" --mode BackwardCompatibleChanges --execute-predefined** ``` diff --git a/docs/identitymanager/saas/integration-guide/governance/accesscertification/index.md b/docs/identitymanager/saas/integration-guide/governance/accesscertification/index.md index f8af825c00..040d1028fe 100644 --- a/docs/identitymanager/saas/integration-guide/governance/accesscertification/index.md +++ b/docs/identitymanager/saas/integration-guide/governance/accesscertification/index.md @@ -23,7 +23,7 @@ you can choose to focus on: - A certain type of assignment - Assignments not certified since a certain date - Assignments presenting a certain level of risk. See the - [ Manage Risks ](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md) topic for additional + [Manage Risks](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md) topic for additional information. Identity Manager uses an access certification campaign to define the campaign's scope including: @@ -58,12 +58,12 @@ At least one Identity Manager profile needs permissions to create campaigns. Such permission can be granted using the AccessReviewAdministrationAccessControlRules scaffolding. See the -[ Access Review Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) +[Access Review Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) topic for additional information. The administrator profile, created with CreateAdministratorProfile scaffolding, already has these permissions. See the -[ Create Administrator Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) +[Create Administrator Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) topic for additional information. If you are not using the AccessReviewAdministrationAccessControlRules scaffolding, the user cannot @@ -175,7 +175,7 @@ assigned ones. Scopes of responsibility can also be defined in terms of access certification campaign policy. See the -[ AccessCertificationCampaignPolicy ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationcampaignpolicy/index.md) +[AccessCertificationCampaignPolicy](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationcampaignpolicy/index.md) topic for additional information. Assigning an access certification campaign policy to an access certification campaign allows the @@ -239,5 +239,5 @@ topic for additional information. This permission also is given by the AccessReviewAdministrationAccessControlRules scaffolding. See the -[ Access Review Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) +[Access Review Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/integration-guide/governance/index.md b/docs/identitymanager/saas/integration-guide/governance/index.md index 812711a129..e4d0166448 100644 --- a/docs/identitymanager/saas/integration-guide/governance/index.md +++ b/docs/identitymanager/saas/integration-guide/governance/index.md @@ -49,4 +49,4 @@ security risk. The module facilitates the analysis and mitigation of different k as Segregation of Duties (SoD) or High Privilege. Risks can be used to identify sensitive assignments that should be reviewed first during a certification campaign. -See the [ Risk Management ](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) topic to learn how to configure risks. +See the [Risk Management](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) topic to learn how to configure risks. diff --git a/docs/identitymanager/saas/integration-guide/governance/reporting/analyze-powerbi/index.md b/docs/identitymanager/saas/integration-guide/governance/reporting/analyze-powerbi/index.md index 1c327056b3..823d72c776 100644 --- a/docs/identitymanager/saas/integration-guide/governance/reporting/analyze-powerbi/index.md +++ b/docs/identitymanager/saas/integration-guide/governance/reporting/analyze-powerbi/index.md @@ -41,25 +41,31 @@ Integrators need to know: display, etc. from both Identity Manager-hard-coded and customized parts - what data needs to be displayed in the end -**NOTE:** Power BI is able to analyze all Identity Manager's data, hard-coded and customized, but +:::note +Power BI is able to analyze all Identity Manager's data, hard-coded and customized, but only current data, i.e. nothing from the history. +::: + ## Analyze Identity Manager's Data with Power BI Build the universe model by proceeding as follows: **Step 1 –** Define the appropriate universes using scaffoldings. See the -[ Queries ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) topic +[Queries](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) topic for additional information. -_Remember,_ in order to understand business intelligence, with its universes, entity instances and +:::tip +Remember, in order to understand business intelligence, with its universes, entity instances and association instances. See the -[ Universe ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) topic +[Universe](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) topic for additional information. Also note that XML objects that automatically generate XML snippets that would be complex and/or tedious to write manually. See the[Scaffoldings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md) topic for additional information. +::: + Netwrix recommends creating no more than one universe to generate one report, to prevent issues about name uniqueness. @@ -111,7 +117,7 @@ This is how you analyze Identity Manager data through Power BI. In order to maintain the model you must remember the ones listed below. -Refresh data +**Refresh data** You must define, in Power BI Service or Report Server, a frequency for data refresh so that reports display up-to-date data. See the @@ -120,7 +126,7 @@ additional information. Data is often refreshed once a day. Define the refresh frequency according to your needs. -Foresee the Impact of Model Modifications +**Foresee the Impact of Model Modifications** A change inside an existing entity, for example adding a scalar field, does not require any particular actions on the universe model. @@ -128,5 +134,5 @@ particular actions on the universe model. A change in an association requires making the corresponding change in the universe model, as association instances (in the universe model) are based on entity associations in Identity Manager's data model. See the -[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/integration-guide/governance/reporting/connect-powerbi/index.md b/docs/identitymanager/saas/integration-guide/governance/reporting/connect-powerbi/index.md index 35e34b7de1..61704257d9 100644 --- a/docs/identitymanager/saas/integration-guide/governance/reporting/connect-powerbi/index.md +++ b/docs/identitymanager/saas/integration-guide/governance/reporting/connect-powerbi/index.md @@ -40,14 +40,14 @@ Connect Power BI to Identity Manager by proceeding as follows: ![Server URL](/img/product_docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/powerbi_url.webp) 5. In the opening window, enter the - [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md)of + [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md)of the `Administrator` profile. The `Client Id` expects the concatenation of the identifier of `OpenIdClient` with `@` and Identity Manager's domain name. See the following example. ![Client Id / Client Secret](/img/product_docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/powerbi_clientid.webp) 6. You can now access in the left panel the - [ Universe ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md)from + [Universe](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md)from Identity Manager configuration. You can click on the desired universe to expand it, and view and pick the desired tables. diff --git a/docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md b/docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md index b83cdada7f..af95b0a972 100644 --- a/docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md +++ b/docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/analyze-powerbi/index.md @@ -35,25 +35,31 @@ Integrators need to know: display, etc. from both Identity Manager-hard-coded and customized parts - what data needs to be displayed in the end -**NOTE:** Power BI is able to analyze all Identity Manager's data, hard-coded and customized, but +:::note +Power BI is able to analyze all Identity Manager's data, hard-coded and customized, but only current data, i.e. nothing from the history. +::: + ## Analyze Identity Manager's Data with Power BI Build the universe model by proceeding as follows: **Step 1 –** Define the appropriate universes using scaffoldings. See the -[ Queries ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) topic +[Queries](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) topic for additional information. -_Remember,_ in order to understand business intelligence, with its universes, entity instances and +:::tip +Remember, in order to understand business intelligence, with its universes, entity instances and association instances. See the -[ Universe ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) topic +[Universe](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) topic for additional information. Also note that XML objects that automatically generate XML snippets that would be complex and/or tedious to write manually. See the[Scaffoldings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md) topic for additional information. +::: + Netwrix recommends creating no more than one universe to generate one report, to prevent issues about name uniqueness. @@ -105,7 +111,7 @@ This is how you analyze Identity Manager data through Power BI. In order to maintain the model you must remember the ones listed below. -Refresh data +**Refresh data** You must define, in Power BI Service or Report Server, a frequency for data refresh so that reports display up-to-date data. See the @@ -114,7 +120,7 @@ additional information. Data is often refreshed once a day. Define the refresh frequency according to your needs. -Foresee the Impact of Model Modifications +**Foresee the Impact of Model Modifications** A change inside an existing entity, for example adding a scalar field, does not require any particular actions on the universe model. @@ -122,5 +128,5 @@ particular actions on the universe model. A change in an association requires making the corresponding change in the universe model, as association instances (in the universe model) are based on entity associations in Identity Manager's data model. See the -[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/index.md b/docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/index.md index a60949be8a..db06b7d8aa 100644 --- a/docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/index.md +++ b/docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/index.md @@ -34,14 +34,14 @@ Connect Power BI to Identity Manager by proceeding as follows: ![Server URL](/img/product_docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/powerbi_url.webp) 5. In the opening window, enter the - [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md)of + [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md)of the `Administrator` profile. The `Client Id` expects the concatenation of the identifier of `OpenIdClient` with `@` and Identity Manager's domain name. See the following example. ![Client Id / Client Secret](/img/product_docs/identitymanager/saas/integration-guide/governance/reporting/how-tos/connect-powerbi/powerbi_clientid.webp) 6. You can now access in the left panel the - [ Universe ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md)from + [Universe](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md)from Identity Manager configuration. You can click on the desired universe to expand it, and view and pick the desired tables. diff --git a/docs/identitymanager/saas/integration-guide/governance/reporting/index.md b/docs/identitymanager/saas/integration-guide/governance/reporting/index.md index b298131c11..17c1044d30 100644 --- a/docs/identitymanager/saas/integration-guide/governance/reporting/index.md +++ b/docs/identitymanager/saas/integration-guide/governance/reporting/index.md @@ -8,7 +8,7 @@ sidebar_position: 10 The Reporting module is used to generate basic reports in CSV using [API query grammar](/docs/identitymanager/saas/integration-guide/api/squery/index.md), or advanced reports using the -[ Business Intelligence ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/index.md) module. +[Business Intelligence](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/index.md) module. -See the [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for +See the [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information on generating reports. diff --git a/docs/identitymanager/saas/integration-guide/governance/review-prolonged-entitlements/index.md b/docs/identitymanager/saas/integration-guide/governance/review-prolonged-entitlements/index.md index 8a2f3d4d6f..1c5317224a 100644 --- a/docs/identitymanager/saas/integration-guide/governance/review-prolonged-entitlements/index.md +++ b/docs/identitymanager/saas/integration-guide/governance/review-prolonged-entitlements/index.md @@ -16,7 +16,7 @@ the users are supposed to lose the role, then they keep it for the time defined and the role's workflow state switches from `Automatic` to `Prolonged`. Then a manager must access these entitlements in the **Role Review** screen, to either approve or decline the role prolongation. See the -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for +[Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. ## Assign the Right to Review Prolonged Entitlements diff --git a/docs/identitymanager/saas/integration-guide/governance/risks/index.md b/docs/identitymanager/saas/integration-guide/governance/risks/index.md index b8e1ad99f6..0e1adb435d 100644 --- a/docs/identitymanager/saas/integration-guide/governance/risks/index.md +++ b/docs/identitymanager/saas/integration-guide/governance/risks/index.md @@ -13,7 +13,7 @@ with a risk-based method. ## Overview -A [ Risk ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) describes a sensitive +A [Risk](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) describes a sensitive situation of entitlement assignments that needs to be monitored. Risk management is essential to auditing. End-users can define models of risks, assigned to @@ -28,13 +28,13 @@ current request. The higher the score, the higher the threat. The identities wit scores are the priority of the next [Access Certification](/docs/identitymanager/saas/integration-guide/governance/accesscertification/index.md) campaign. -See the [ Manage Risks ](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md)topic for additional +See the [Manage Risks](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md)topic for additional information on how to use the risk management module to identify entitlement assignments that pose a security risk. ## Risk Definition -A [ Risk ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) is an object that describes a +A [Risk](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) is an object that describes a sensitive situation of assignments of entitlements. The assignment of a risk to an identity highlights, for a potential auditor, the need to closely @@ -123,7 +123,7 @@ risk that would have been blocking otherwise, is just a warning. ### Risk Rules -[ Risk ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) are assigned to resources +[Risk](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) are assigned to resources manually by a knowledgeable user or automatically, by the [Evaluate Policy](/docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/index.md) algorithm. @@ -131,7 +131,7 @@ When a risk is assigned to a resource, a new identified risk is created under th `UP_IdentifiedRisks` table. Automatic assignment of risks is based on -[ Risk ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) rules. For each new +[Risk](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) rules. For each new fine-grained assignment on a resource, risk rules are applied. If one of the rules matches the resource state, the related risks are assigned to the resource. Those rules are themselves based on fine-grained entitlements, such as an Active Directory account or group membership, modeled by the @@ -154,7 +154,7 @@ resource-identity. This is the way: -1. Choose an [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) of which +1. Choose an [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) of which the resource-identity could be owner. 2. Choose a navigation property of that entity type. 3. Choose a value for that navigation property. The value would be a resource from the unified @@ -165,7 +165,7 @@ navigation property and the ownership relationship. ## Risk Score -Once [ Risk ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) are assigned to +Once [Risk](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) are assigned to identities, Identity Manager computes a risk score for each relevant identity. This score allows an auditor to prioritize the diff --git a/docs/identitymanager/saas/integration-guide/identity-management/identity-repository/index.md b/docs/identitymanager/saas/integration-guide/identity-management/identity-repository/index.md index b687681d46..61ff8c6d73 100644 --- a/docs/identitymanager/saas/integration-guide/identity-management/identity-repository/index.md +++ b/docs/identitymanager/saas/integration-guide/identity-management/identity-repository/index.md @@ -35,14 +35,14 @@ The identity repository can be created and updated by: Netwrix Identity Manager (formerly Usercube) recommends creating the identity repository by downloading the provided Excel file, filling it with HR information, and uploading it back. See the -[ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) +[Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic to learn how to create the workforce repository. Then perform mass updates with the same kind of process, and update an Individual Identity via Identity Manager's workflows. See the -[ Update Identities in Bulk ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/mass-update/index.md) +[Update Identities in Bulk](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/mass-update/index.md) and -[ Update an Individual Identity ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md)topics +[Update an Individual Identity](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md)topics for additional information. ### Useful data diff --git a/docs/identitymanager/saas/integration-guide/identity-management/index.md b/docs/identitymanager/saas/integration-guide/identity-management/index.md index 20a50adc22..6e22d138c6 100644 --- a/docs/identitymanager/saas/integration-guide/identity-management/index.md +++ b/docs/identitymanager/saas/integration-guide/identity-management/index.md @@ -14,15 +14,15 @@ company. "Identities' lifecycles" mean any Joiners, Movers and Leavers (JML) process, i.e. staff changes, i.e. any user's onboarding, position modification and offboarding. -See the [ Identity Repository ](/docs/identitymanager/saas/integration-guide/identity-management/identity-repository/index.md) topic for additional information. -See the [ Identity Lifecycle: Joiners, Movers and Leavers ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/index.md) topic +See the [Identity Repository](/docs/identitymanager/saas/integration-guide/identity-management/identity-repository/index.md) topic for additional information. +See the [Identity Lifecycle: Joiners, Movers and Leavers](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/index.md) topic for additional information on how Identity Manager handles the Joiners, Movers and Leavers (JML) process. Identities in Identity Manager are mostly humans, both internal and external workers, but can also be applications, bots, service accounts, or anything. -Identities are stored in the database as [ Resources ](/docs/identitymanager/saas/integration-guide/resources/index.md), which helps with Identity Manager's internal mechanisms, for example to modelize identities with [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) types. +Identities are stored in the database as [Resources](/docs/identitymanager/saas/integration-guide/resources/index.md), which helps with Identity Manager's internal mechanisms, for example to modelize identities with [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) types. Additional interesting parts of identity management are: diff --git a/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/index.md b/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/index.md index 5ca050213e..ee97555211 100644 --- a/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/index.md +++ b/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/index.md @@ -12,6 +12,6 @@ records. In Identity Manager, the JML process is done through workflows or through synchronization to the HR system. -See the [ Onboarding and Offboarding ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md) and -[ Position Change via Records ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topics for additional information on +See the [Onboarding and Offboarding](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md) and +[Position Change via Records](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topics for additional information on onboarding and offboarding and position changes via records. diff --git a/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md b/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md index a9edd8e26a..3b219267a9 100644 --- a/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md +++ b/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md @@ -29,7 +29,7 @@ The automation of the entitlement assignment processes can be really helpful. Ho not be looking for a full automation, but rather the smart automation of basic assignments such as "birthrights", while the sensitive ones keep a manual process. -See the [ Automate Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md) +See the [Automate Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md) topic for additional information about the assignment automation. ## Offboarding @@ -51,8 +51,8 @@ the user's contract in the company. These dates should then be part of entity types' properties (for example as `StartDate` and `EndDate`), in order to be used in -[ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) and -[ Context Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md). +[Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) and +[Context Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md). ![Identities - Validity Period](/img/product_docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/validityperiod.webp) diff --git a/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md b/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md index bb1be941eb..4c17f9790e 100644 --- a/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md +++ b/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md @@ -24,7 +24,7 @@ with an automated fulfillment. Identity Manager's calculations for entitlement assignments rely on heuristics, through identities' key properties called -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md). +[Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md). > For example, consider an entity type modeling identities with their job title, department and > location. @@ -167,8 +167,8 @@ A change to be effective in future can trigger the creation of a new record. ### Configuration This identity model can be implemented by configuring a -[ Context Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) and -[ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md): +[Context Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) and +[Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md): ```` diff --git a/docs/identitymanager/saas/integration-guide/modules/index.md b/docs/identitymanager/saas/integration-guide/modules/index.md index 4cc523cfd0..70c6fda0d7 100644 --- a/docs/identitymanager/saas/integration-guide/modules/index.md +++ b/docs/identitymanager/saas/integration-guide/modules/index.md @@ -17,4 +17,4 @@ logging. To use these integration modules, they just need to be configured in Id ## Logging -- [ Export Logs to a Log Management System ](/docs/identitymanager/saas/integration-guide/monitoring/qradar-setting/index.md) +- [Export Logs to a Log Management System](/docs/identitymanager/saas/integration-guide/monitoring/qradar-setting/index.md) diff --git a/docs/identitymanager/saas/integration-guide/monitoring/index.md b/docs/identitymanager/saas/integration-guide/monitoring/index.md index 918dabe395..f7809846b3 100644 --- a/docs/identitymanager/saas/integration-guide/monitoring/index.md +++ b/docs/identitymanager/saas/integration-guide/monitoring/index.md @@ -9,7 +9,7 @@ sidebar_position: 150 Identity Manager uses [Serilog](https://github.com/serilog/), a highly customizable logging tool, to provide monitoring capabilities. -See the [ References: Logs ](/docs/identitymanager/saas/integration-guide/monitoring/references/index.md) topic for additional information on the list of +See the [References: Logs](/docs/identitymanager/saas/integration-guide/monitoring/references/index.md) topic for additional information on the list of existing logs. ## Introduction @@ -159,17 +159,14 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Network" - ], + "Using": ["Serilog.Sinks.Network"], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Destination1", "Args": { "uri": "192.168.13.110", @@ -184,14 +181,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - } - ] + }] } } ``` @@ -205,17 +199,14 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Network" - ], + "Using": ["Serilog.Sinks.Network"], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Logger1", "Args": { "configureLogger": { @@ -230,14 +221,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - } - ] + }] } } }, @@ -248,8 +236,7 @@ appsettings.json "MinimumLevel": { "Default": "Information" }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Destination2", "Args": { "uri": "192.168.13.100", @@ -264,14 +251,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Test') and EventId.Id >= 800" } - } - ] + }] } } } @@ -295,15 +279,13 @@ on the **Monitoring** screen. { ... "Serilog": { - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true, } - } - ] + }] } } ``` @@ -312,7 +294,7 @@ on the **Monitoring** screen. QRadar is a supported destination for Identity Manager's logs. -See the [ Export Logs to a Log Management System ](/docs/identitymanager/saas/integration-guide/monitoring/qradar-setting/index.md) topic to learn +See the [Export Logs to a Log Management System](/docs/identitymanager/saas/integration-guide/monitoring/qradar-setting/index.md) topic to learn how to send Identity Manager's logs to your QRadar system. Three output formats are available for QRadar-routed logs: @@ -332,17 +314,14 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Network" - ], + "Using": ["Serilog.Sinks.Network"], "MinimumLevel": { "Default": "Error", "Override": { "Usercube": "Information" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Logger", "Args": { "configureLogger": { @@ -357,14 +336,11 @@ appsettings.json "port": "514", "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" } - } - ], - "Filter": [ - { + }], + "Filter": [{ "Name": "ByIncludingOnly", "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } - } - ] + }] } } } @@ -385,9 +361,7 @@ appsettings.json { ... "Serilog": { - "Using": [ - "Serilog.Sinks.Syslog" - ], + "Using": ["Serilog.Sinks.Syslog"], "MinimumLevel": { "Default": "Error", "Override": { @@ -461,15 +435,13 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true, } - } - ] + }] } } ``` @@ -486,7 +458,7 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ "Console" ], + "WriteTo": ["Console"], }, "LogsPath": "C:/inetpub/logs/LogFiles" } @@ -503,18 +475,16 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ "Console" ], - "Using": [ "Serilog.Sinks.File" ], + "WriteTo": ["Console"], + "Using": ["Serilog.Sinks.File"], "MinimumLevel": "Error", - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true } - } - ] + }] } } ``` @@ -531,18 +501,16 @@ appsettings.json { ... "Serilog": { - "WriteTo": [ "Console" ], - "Using": [ "Serilog.Sinks.File" ], + "WriteTo": ["Console"], + "Using": ["Serilog.Sinks.File"], "MinimumLevel": "Error", - "WriteTo": [ - { + "WriteTo": [{ "Name": "File", "Args": { "path": "../Temp/Server/identitymanager-log.txt", "shared": true } - } - ] + }] } } ``` @@ -563,8 +531,7 @@ appsettings.json "Usercube": "Debug" } }, - "WriteTo": [ - { + "WriteTo": [{ "Name": "Async", "Args": { "configure": [ @@ -575,8 +542,7 @@ appsettings.json "shared: true, "buffered": "true" } - } - ] + }] } }, { diff --git a/docs/identitymanager/saas/integration-guide/monitoring/qradar-setting/index.md b/docs/identitymanager/saas/integration-guide/monitoring/qradar-setting/index.md index cb88ea41e8..b40a59b454 100644 --- a/docs/identitymanager/saas/integration-guide/monitoring/qradar-setting/index.md +++ b/docs/identitymanager/saas/integration-guide/monitoring/qradar-setting/index.md @@ -18,7 +18,7 @@ Supported log management systems are: ## Overview Typically, a Serilog configuration includes three parts: **MinimumLevel**, **Using** and -**WriteTo**. See the [ Monitoring ](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. +**WriteTo**. See the [Monitoring](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. ### Usercube's DSM in QRadar @@ -27,7 +27,7 @@ Identity Manager's logs, when producing a JSON output. Logs can be sent into QRadar without using Identity Manager's DSM in QRadar, but the logs just won't be parsed. Not all Identity Manager's logs can be sent to QRadar. See the -[ References: Logs ](/docs/identitymanager/saas/integration-guide/monitoring/references/index.md) topic for additional information. +[References: Logs](/docs/identitymanager/saas/integration-guide/monitoring/references/index.md) topic for additional information. In order to get Identity Manager's DSM, import from QRadar the `Usercube_1.0.0.zip` file, accessible in the `Runtime` folder. Identity Manager's DSM is set to automatically detect the source. This @@ -56,7 +56,7 @@ Export logs to a log management system by proceeding as follows: ``` 2. In the **Serilog** section, add a **Using** section to contain the used sink which depends on the - logs' destination, output format, etc. See the list of supported [ Monitoring ](/docs/identitymanager/saas/integration-guide/monitoring/index.md). + logs' destination, output format, etc. See the list of supported [Monitoring](/docs/identitymanager/saas/integration-guide/monitoring/index.md). Concerning QRadar, Netwrix Identity Manager (formerly Usercube) strongly recommends using the JSON format, as it can be parsed by Identity Manager's DSM or easily by a homemade parser. @@ -70,9 +70,8 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > ... > } > ... @@ -89,10 +88,9 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Console", + > "Using": [> "Serilog.Sinks.Console", > "Serilog.Sinks.Splunk.Durable" - > ], + >], > ... > } > ... @@ -106,7 +104,7 @@ Export logs to a log management system by proceeding as follows: **MinimumLevel** set to `Information`, or lower. > For example, we can define the logs' minimum level to `Information`. This way, all logs from - > the [ References: Logs ](/docs/identitymanager/saas/integration-guide/monitoring/references/index.md) with `Information` level or higher are + > the [References: Logs](/docs/identitymanager/saas/integration-guide/monitoring/references/index.md) with `Information` level or higher are > sent. > > ``` @@ -116,9 +114,8 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { @@ -146,17 +143,15 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { > "Usercube": "Information" > } > }, - > "WriteTo": [ - > { + > "WriteTo": [> { > "Name": "UDPSink", > "Args": { > "uri": "192.168.13.110", @@ -164,7 +159,7 @@ Export logs to a log management system by proceeding as follows: > "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" > } > } - > ] + >] > } > } > @@ -180,9 +175,8 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { @@ -217,17 +211,15 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { > "Usercube": "Information" > } > }, - > "WriteTo": [ - > { + > "WriteTo": [> { > "Name": "SplunkEventCollector", > "Args": { > "splunkHost": , @@ -235,7 +227,7 @@ Export logs to a log management system by proceeding as follows: > "bufferFileFullName": "log-buffer.txt" > } > } - > ] + >] > } > } > @@ -243,14 +235,14 @@ Export logs to a log management system by proceeding as follows: 5. When needing to restrict the logs sent to the system, add a filter and wrap all **WriteTo** configuration into a sub-logger, in which case the **Name** at **WriteTo**'s root must be - `Logger`. See the [ Monitoring ](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. + `Logger`. See the [Monitoring](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. For all formats, in order to send only the right logs using the specified filter, the **WriteTo** part must contain a sub-logger with its own filter. Otherwise, the filter will be applied to all sinks. For example, among Identity Manager's logs, only the logs described in the e - [ References: Logs ](/docs/identitymanager/saas/integration-guide/monitoring/references/index.md) can be parsed by QRadar's DSM and should be used + [References: Logs](/docs/identitymanager/saas/integration-guide/monitoring/references/index.md) can be parsed by QRadar's DSM and should be used by a SIEM system. Hence the importance of having a filter and a sub-logger. Never include logs with event ids inferior to 500, in order not to be overwhelmed with logs @@ -265,17 +257,15 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { > "Usercube": "Information" > } > }, - > "WriteTo": [ - > { + > "WriteTo": [> { > "Name": "Logger", > "Args": { > "configureLogger": { @@ -288,13 +278,12 @@ Export logs to a log management system by proceeding as follows: > "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" > } > } - > ], - > "Filter": [ - > { + >], + > "Filter": [> { > "Name": "ByIncludingOnly", > "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } > } - > ] + >] > } > } > } @@ -320,17 +309,15 @@ Export logs to a log management system by proceeding as follows: > { > ... > "Serilog": { - > "Using": [ - > "Serilog.Sinks.Network" - > ], + > "Using": [> "Serilog.Sinks.Network" + >], > "MinimumLevel": { > "Default": "Error", > "Override": { > "Usercube": "Information" > } > }, - > "WriteTo": [ - > { + > "WriteTo": [> { > "Name": "Logger", > "Args": { > "configureLogger": { @@ -346,13 +333,12 @@ Export logs to a log management system by proceeding as follows: > "textFormatter": "Serilog.Formatting.Compact.CompactJsonFormatter, Serilog.Formatting.Compact" > } > } - > ], - > "Filter": [ - > { + >], + > "Filter": [> { > "Name": "ByIncludingOnly", > "Args": { "expression": "StartsWith(SourceContext, 'Usercube') and EventId.Id >= 500" } > } - > ] + >] > } > } > } diff --git a/docs/identitymanager/saas/integration-guide/monitoring/references/index.md b/docs/identitymanager/saas/integration-guide/monitoring/references/index.md index da5cb22312..97fbdf43e0 100644 --- a/docs/identitymanager/saas/integration-guide/monitoring/references/index.md +++ b/docs/identitymanager/saas/integration-guide/monitoring/references/index.md @@ -13,11 +13,11 @@ for example QRadar. The description will use this template for each log: -EventId id: int +**EventId id: int** EventId name: string -LogLevel: Trace||Verbose||Debug||Information||Warning||Error||Critical +**LogLevel: Trace||Verbose||Debug||Information||Warning||Error||Critical** Arguments: @@ -26,15 +26,15 @@ Arguments: - argument3 (string): description3 (string) The EventId id must be unique so we could use it to filter the logs we send. See the -[ Monitoring ](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. +[Monitoring](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. #### 500 -EventId id: 500 +**EventId id: 500** EventId name: Workflow.StartWorkflowInstance -LogLevel: Information +**LogLevel: Information** Arguments: @@ -46,11 +46,11 @@ Arguments: #### 501 -EventId id: 501 +**EventId id: 501** EventId name: Workflow.ResumeWorkflowInstance -LogLevel: Information +**LogLevel: Information** Arguments: @@ -62,11 +62,11 @@ Arguments: #### 502 -EventId id: 502 +**EventId id: 502** EventId name: SelectEntityByIdQueryHandler.Handle -LogLevel: Information +**LogLevel: Information** Arguments: @@ -76,11 +76,11 @@ Arguments: #### 503 -EventId id: 503 +**EventId id: 503** EventId name: SelectEntityByIdQueryHandler.Handle -LogLevel: Error +**LogLevel: Error** Arguments: diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md index 6acaa6fe81..eff91ced51 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md @@ -38,11 +38,11 @@ ignored, but it can still be used to store information for human use. | Name | Type | Description | | ------------------------------- | ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Connections optional | List of Connections | Connection information of all the systems managed by this agent, for synchronization and fulfillment configuration. This section contains a subsection for each connection containing the connection's agent settings. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "Connections": {     …     "": {       "": "":        …     }   } }` Example: `{   …   "Connections": {     …     "Directory": {       "Path": "C:\UsercubeDemo\Sources\Directory.xlsx"     },     "ServiceNowExportFulfillment": {       "Server": "https://INSTANCE.service-now.com/api/now/table",       "Login": "LOGIN",       "Password": "PASSWORD"     }   } }` See the [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md)and [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topics for additional information. | +| Connections optional | List of Connections | Connection information of all the systems managed by this agent, for synchronization and fulfillment configuration. This section contains a subsection for each connection containing the connection's agent settings. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "Connections": {     …     "": {       "": "":        …     }   } }` Example: `{   …   "Connections": {     …     "Directory": {       "Path": "C:\UsercubeDemo\Sources\Directory.xlsx"     },     "ServiceNowExportFulfillment": {       "Server": "https://INSTANCE.service-now.com/api/now/table",       "Login": "LOGIN",       "Password": "PASSWORD"     }   } }` See the [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md)and [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) topics for additional information. | | Databases optional | List of Databases | Names and connection strings of all databases used by the agent through InvokeSqlCommandTask, other than Identity Manager's database and other than the databases provided in Identity Manager's available packages. This subsection contains a subsection for each additional database. **NOTE:** The Database is a subsection of the Connections section mentioned above. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "Databases": {     "": ""   } }` Example: `{   …   "Databases": {     "UsercubeContoso": "data source=.;Database=Usercube;Integrated Security=SSPI;Min Pool Size=10;encrypt=false;"   } }` | | OpenId optional | OpenId | OpenId information, i.e. the ClientIds and related ClientSecrets that the agent may use to authenticate to the server in order to launch jobs and tasks. In order to launch jobs and tasks, the profiles related to these OpenId credentials must possess the required permissions. | | PasswordResetSettings optional | PasswordResetSettings | Parameters which configure the reset password process for the managed systems that support it. | -| SourcesRootPaths optional | String Array | List of folder paths from which Identity Manager is allowed to read. This option is used to validate the sources files defined in file-based connections. These paths are case sensitive. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "SourcesRootPaths": [ "C:/identitymanagerContoso/SourceHR", "C:/identitymanagerContoso/SourcesPhone" ]  }` | +| SourcesRootPaths optional | String Array | List of folder paths from which Identity Manager is allowed to read. This option is used to validate the sources files defined in file-based connections. These paths are case sensitive. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "SourcesRootPaths": ["C:/identitymanagerContoso/SourceHR", "C:/identitymanagerContoso/SourcesPhone"]  }` | | TaskAgentConfiguration optional | TaskAgentConfiguration | Various settings to customize the behavior of some agent tasks. | ## OpenId @@ -93,7 +93,10 @@ Encryption certificate information can be set in one of two ways: | StoreName required | String | Name of the relevant Windows certificate. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "StoreName": ""   } }` | | Thumbprint Required if DistinguishedName is empty | String | Thumbprint of the certificate. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     "Thumbprint": "<6261A70E599642A21A57A605A73B6D2AE7C5C450>"     …   } }` | -_Remember,_ Netwrix recommends using Windows' certificate store. +:::tip +Remember, Netwrix recommends using Windows' certificate store. +::: + On the other hand, the PFX file takes priority over Windows' certificate, which means that when `File` is specified then the PFX certificate is used, even if the options for Windows' certificate @@ -108,7 +111,7 @@ In both ways, missing and/or incorrect settings trigger an error and no certific | FromAddress Required if PickupDirectory is empty | String | Email address used by Identity Manager to send notifications. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "FromAddress": "",       …     }   } }` | | Host Required if PickupDirectory is empty | String | SMTP server domain name or an IP address. To be used only when UseSpecifiedPickupDirectory is set to false. | | Password Required | String | Password that Identity Manager will use to login to the SMTP server. used only when the SMTP server is password-protected and UseSpecifiedPickupDirectory is set to false. | -| PickupDirectory Required if FromAddress/Host are empty | | Path to the pickup directory. See the [ Send Notifications ](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md) topic for additional information. See more details on the pickup directory feature. To be used only when UseSpecifiedPickupDirectory is set to true. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "PickupDirectory": "<../Mails>",       …     }   } }` | +| PickupDirectory Required if FromAddress/Host are empty | | Path to the pickup directory. See the [Send Notifications](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md) topic for additional information. See more details on the pickup directory feature. To be used only when UseSpecifiedPickupDirectory is set to true. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "PickupDirectory": "<../Mails>",       …     }   } }` | | Username required | String | Username for Identity Manager to login to the SMTP server. Used only when the SMTP server is password-protected and UseSpecifiedPickupDirectory is set to false. | | AllowedDomains optional | String | List of domains to which the SMTP server is authorized to send emails. Domain names must be separated by `;`. | | CatchAllAddress optional | String | Catch-all address that will receive all of Identity Manager's emails instead of usual users. this is helpful for testing before going live. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "CatchAllAddress": "",       …     }   } }` | @@ -118,7 +121,7 @@ In both ways, missing and/or incorrect settings trigger an error and no certific | SecureSocketOption default value: Auto | String | Specifies the encryption strategy to connect to the SMTP server. If set, this takes priority over EnableSsl. None: No SSL or TLS encryption should be used. Auto: Allow the mail service to decide which SSL or TLS options to use (default). If the server does not support SSL or TLS, then the connection will not be encrypted. SslOnConnect: The connection should use SSL or TLS encryption immediately. StartTls: Elevates the connection to use TLS encryption immediately after reading the greeting and capabilities of the server. If the server does not support the STARTTLS extension, then the connection will fail and a NotSupportedException will be thrown. StartTlsWhenAvailable: Elevates the connection to use TLS encryption immediately after reading the greeting and capabilities of the server, but only if the server supports the STARTTLS extension. **NOTE:** To be used only when UseSpecifiedPickupDirectory is set to false. | | Port default value: 0 | String | SMTP server port. **NOTE:** To be used only when UseSpecifiedPickupDirectory is set to false. | | UseDefaultCredentials default value: False | Boolean | True to use the default username/password pair to login to the SMTP server. When set to false, Windows authentication is used. **NOTE:** To be used only when UseSpecifiedPickupDirectory is set to false. | -| UseSpecifiedPickupDirectory default value: False | Boolean | True to write emails as local files in the specified PickupDirectory instead of sending them as SMTP packets. See the [ Send Notifications ](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md)topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "UseSpecifiedPickupDirectory": true,       …     }   } }` | +| UseSpecifiedPickupDirectory default value: False | Boolean | True to write emails as local files in the specified PickupDirectory instead of sending them as SMTP packets. See the [Send Notifications](/docs/identitymanager/saas/installation-guide/production-ready/email-server/index.md)topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `{   …   "PasswordResetSettings": {     …     "MailSettings": {       "UseSpecifiedPickupDirectory": true,       …     }   } }` | ### NotificationSettings diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md index b250fbfa7b..cef847810c 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md @@ -9,8 +9,11 @@ sidebar_position: 10 This section describes the settings available in the agent's appsettings.json file, located in the agent's working directory or in environment variables. -**NOTE:** JSON files can contain any additional information that you might find useful. See the +:::note +JSON files can contain any additional information that you might find useful. See the example below. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -43,7 +46,7 @@ The appsettings set allows the following attributes and sections: | EncryptionCertificate (required) | EncryptionCertificate | Settings to configure the encryption of specific files. | | IdentityServer (required) | IdentityServer | Settings to configure the agent's encrypted network communication, for example with the server or a browser. | | Authentication (required) | Authentication | Settings to configure end-user authentication, for example for users to launch a job from the UI. | -| Serilog (optional) | Logger setting | Settings to configure the logging service, complying to the Logger properties and structure. See the [ Monitoring ](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. Example: `appsettings.json {   "Serilog": {     "WriteTo": [ "Console" ],     "MinimumLevel": {       "Default": "Error",       "Override": {         "Usercube": "Information"         }       }     } }                         ` | +| Serilog (optional) | Logger setting | Settings to configure the logging service, complying to the Logger properties and structure. See the [Monitoring](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. Example: `appsettings.json {   "Serilog": {     "WriteTo": ["Console"],     "MinimumLevel": {       "Default": "Error",       "Override": {         "Usercube": "Information"         }       }     } }                         ` | | Cors (optional) | Cors | Settings to configure the agent's [CORS policy](https://developer.mozilla.org/fr/docs/Web/HTTP/CORS), which is useful when using non-integrated agents. | | ApplicationInsights (optional) | ApplicationInsights | Settings to plug to and configure the [AppInsights](https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview) monitoring tool. | | TempFolderPath (optional) | String | Path to the temporary folder which contains: - ExportOutput: directory storing data exported from connectors. - JobLogs: directory storing task instance logs. - Reports: directory storing generated reports. - Packages: directory storing the downloaded package logos. - PolicySimulations: directory storing the files generated by policy simulations. - ProvisioningCache.txt: file storing the clustered provisioning cache. When enabled, this file can be used to coordinate the API cache among clusters. - CorrelationCache.txt - RiskCache.txt - ExpressionCache.txt - scheduler.lock - connector.txt - container.reset.txt: file acting as a reset command for Identity Manager's server, i.e. any change to this file triggers the reset service, thus reloading all the services instantiated by the server. Note that this path can be overridden by **ResetSettings** > **FilepathResetService**. - Mails: directory storing the email messages. Note that this path can be overridden by **ResetSettings** > **PickupDirectory**. - Deployment these elements can be removed, but make sure to restart the server after doing so. Example: `appsettings.json {   "TempFolderPath": "../Temp" }` | @@ -69,7 +72,7 @@ appsettings.json | Name | Type | Description | | --------------------------------- | ----- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| MaxTaskBatchSize default value: 5 | Int64 | Maximum number of tasks that can be launched simultaneously, thus avoiding timeout issues. When executing a job, Identity Manager launches simultaneously the tasks of a same Level. See the [ Job ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) topic for additional information. If the number of same-level tasks exceeds MaxTaskBatchSize, then Identity Manager inserts new levels. These effective levels can be seen in the job's logs or with the Usercube-Get-JobSteps executable. See the [ Usercube-Get-JobSteps ](/docs/identitymanager/saas/integration-guide/executables/references/get-jobsteps/index.md) topic for additional information. | +| MaxTaskBatchSize default value: 5 | Int64 | Maximum number of tasks that can be launched simultaneously, thus avoiding timeout issues. When executing a job, Identity Manager launches simultaneously the tasks of a same Level. See the [Job](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) topic for additional information. If the number of same-level tasks exceeds MaxTaskBatchSize, then Identity Manager inserts new levels. These effective levels can be seen in the job's logs or with the Usercube-Get-JobSteps executable. See the [Usercube-Get-JobSteps](/docs/identitymanager/saas/integration-guide/executables/references/get-jobsteps/index.md) topic for additional information. | ## Scheduler @@ -107,14 +110,17 @@ This information can be set one of two ways: identified by SubjectDistinguishedName or by Thumbprint. The Windows certificate also contains both the public key certificate and the private key. - **NOTE:** Netwrix recommends using Windows' certificate store. + :::note + Netwrix recommends using Windows' certificate store. + ::: + On the other hand, the PFX file takes priority over Windows' certificate, which means that when File is specified then the PFX certificate is used, even if the options for Windows' certificate are specified too. In both ways, missing and/or incorrect settings trigger an error and no certificate is loaded. -As a PFX file +**As a PFX file** For example: @@ -139,20 +145,23 @@ The archive is set using the following attributes: | File (required) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the host file system. | | Password (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. | -**NOTE:** Storing a .pfx file password in plain text in a production environment is strongly +:::note +Storing a .pfx file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. +::: + The archive is set using the following attributes: | Name | Type | Description | | ------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | File (required) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the host file system. | -| Password (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. storing a .pfx file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword.exe tool. See the[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. | +| Password (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. storing a .pfx file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword.exe tool. See the[Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. | -As a Certificate in the Windows Store +**As a Certificate in the Windows Store** For example: @@ -180,7 +189,7 @@ The Windows certificate is set using these attributes: | StoreLocation (required) | String | Location of the relevant Windows certificate store: LocalMachine or CurrentUser. | | StoreName (required) | String | Name of the relevant Windows certificate store. | -Using Azure Key Vault +**Using Azure Key Vault** If the certificate is saved in Azure Key Vault, we must define the certificate identifier and the Vault connection. See the [Azure Key Vault](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) topic for additional @@ -200,7 +209,7 @@ script in the command line. Just like the Encryption Certificate, this information can be set one of two ways. -As a PFX file +**As a PFX file** For example: @@ -223,13 +232,16 @@ The archive is set using the following attributes: | X509KeyFilePath (required) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the agent's host file system. | | X509KeyFilePassword (optional) | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. | -**NOTE:** Storing a .pfx file password in plain text in a production environment is strongly +:::note +Storing a .pfx file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. +::: -As a Certificate in the Windows Store + +**As a Certificate in the Windows Store** For example: @@ -254,8 +266,11 @@ The certificate is set using these attributes: | X509SubjectDistinguishedName (optional) | String | SubjectDistinguishedName of the certificate. It is required when X509Thumbprint is not defined. | | X509Thumbprint (optional) | String | Thumbprint of the certificate. It is required when X509SubjectDistinguishedName is not defined. | -**NOTE:** If you are using the certificate provided in the SDK, the agent will fail when launching. +:::note +If you are using the certificate provided in the SDK, the agent will fail when launching. You must create your own certificate. +::: + You can get the DistinguishedName of the certificate using OpenSSL: @@ -335,5 +350,8 @@ The application insights details are: | -------------------------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | InstrumentationKey default value: null | String | Key linked to the AppInsights instance to which the server's logs, requests, dependencies and performance are to be sent. See Microsoft's documentation to create an[ instrumentation key](https://docs.microsoft.com/en-us/azure/azure-monitor/app/create-new-resource). | -**NOTE:** The logs sent to AppInsights are configured through the Logger properties. See the -[ Monitoring ](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. +:::note +The logs sent to AppInsights are configured through the Logger properties. See the +[Monitoring](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. + +::: diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md index 7c0ab81507..d5e25da0f3 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md @@ -25,7 +25,7 @@ Microsoft Entra ID (formerly Azure AD) Key Vault. See the [appsettings.agent](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic for additional information. Check the examples in connectors' credential protection sections. See the -[ ServiceNow ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) topic +[ServiceNow](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/servicenowentitymanagement/index.md) topic for additional information. ## Write Settings to the Vault @@ -51,16 +51,14 @@ script in the command line.   "Connections": {     ...     "ADExport": { -      "Servers": [ -        { +      "Servers": [{           "Server": "",           "BaseDN": ""         },         {           "Server": "",           "BaseDN": "" -        } -      ], +        }],       "AuthType": "",       "Login": "",       "Password": "", @@ -78,7 +76,10 @@ To save the login to Azure Key Vault, create a secret whose name and value are r To save the second server, create a secret whose name and value are respectively `` and ``. -_Remember,_ the index of the first element is `0`. +:::tip +Remember, the index of the first element is `0`. +::: + This way, values from the Azure Key Vault take priority over the values from the appsettings files. diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md index 99f4e433f5..ee289a4d32 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md @@ -134,10 +134,7 @@ defining at least the following properties: | Address | Server | | Password | Password | -Netwrix Identity Manager (formerly Usercube) recommends customizing the account's name because it will be used in [ - - Connection - ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) to retrieve this account from the vault. +Netwrix Identity Manager (formerly Usercube) recommends customizing the account's name because it will be used in [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) to retrieve this account from the vault. ``` @@ -243,7 +240,7 @@ The archive is set using the following attributes: | Name | Details | | ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | File required | **Type** String **Description** [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the host file system. | -| Password optional | **Type** String **Description** [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. **Info:** storing a `.pfx` file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the [ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) tool. | +| Password optional | **Type** String **Description** [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. **Info:** storing a `.pfx` file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the [Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) tool. | #### As a Certificate in the Windows Store @@ -298,14 +295,13 @@ In this file: > "AD_Export": { > "Login": "AdAccount", > "Password": "AdAccount", -> "Servers": [ -> { +> "Servers": [> { > "Server": "AdAccount" > }, > { > "Server": "AdServer2" > } -> ] +>] > } > } > } diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md index 95eb9385c6..9763f6c738 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md @@ -17,12 +17,12 @@ The Agent configuration uses two sets of settings: the agent **appsettings** set 1. The [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) set is written either to the Agent's working directory appsettings.json file or as environment variables. See the - [ Architecture ](/docs/identitymanager/saas/integration-guide/architecture/index.md) topic for additional information. + [Architecture](/docs/identitymanager/saas/integration-guide/architecture/index.md) topic for additional information. 2. The [appsettings.agent](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) set is written as environment variables or to the appsettings.agent.json files from the Agent's working directory. 3. There are two additional files involved in the _Agent_'s configuration to protect sensitive data: appsettings.encrypted. agent. json and appsettings.cyberark.agent.json. See the - [ RSA Encryption ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) and + [RSA Encryption](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md) and [CyberArk's AAM Credential Providers ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/cyberark-application-access-manager-credential-providers/index.md)topics for additional information. diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md index 15b5832a2e..ea35c4728f 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/rsa-encryption/index.md @@ -12,9 +12,9 @@ Identity Manager provides a few options to protect sensitive data via RSA encry Sensitive data can be RSA encrypted by using Identity Manager's tools: -- [ Usercube-Protect-X509JsonValue ](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md) +- [Usercube-Protect-X509JsonValue](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md) to encrypt given values; -- [ Usercube-Protect-X509JsonFile ](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md) +- [Usercube-Protect-X509JsonFile](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md) to encrypt a whole file. The file encryption tool should be used only on files that contain only plain text values, not @@ -36,7 +36,7 @@ The `appsettings.encrypted.json` and `appsettings.encrypted.agent.json` files co the `appsettings.json` and `appsettings.agent.json` files' sensitive setting values which are protected by RSA encryption. -These files follow the exact same structure as the [ Agent Configuration ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md). +These files follow the exact same structure as the [Agent Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md). ### Read the Encrypted Files diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/configure-okta/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/configure-okta/index.md index 2524a5e96c..5595d8b57a 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/configure-okta/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/configure-okta/index.md @@ -33,8 +33,11 @@ application and add `/signin-oidc`. The Identity Manager disconnection redirecti necessary. To construct it, take Identity Manager's URL again and, at the end, add `/signout-callback-oidc`. -**NOTE:** The **Logout redirect URLs** section is marked as optional but it is mandatory for +:::note +The **Logout redirect URLs** section is marked as optional but it is mandatory for Identity Manager. +::: + ![Save Application](/img/product_docs/identitymanager/saas/integration-guide/network-configuration/how-tos/okta/okta_saveapplication.webp) diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/how-tos/okta/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/how-tos/okta/index.md index 2a50dc3c18..2a092e785a 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/how-tos/okta/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/how-tos/okta/index.md @@ -27,8 +27,11 @@ application and add `/signin-oidc`. The Identity Manager disconnection redirecti necessary. To construct it, take Identity Manager's URL again and, at the end, add `/signout-callback-oidc`. -**NOTE:** The **Logout redirect URLs** section is marked as optional but it is mandatory for +:::note +The **Logout redirect URLs** section is marked as optional but it is mandatory for Identity Manager. +::: + ![Save Application](/img/product_docs/identitymanager/saas/integration-guide/network-configuration/how-tos/okta/okta_saveapplication.webp) diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/index.md index da60a1fc32..00f98ae41a 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/index.md @@ -24,9 +24,9 @@ Configuration settings are detailed further in the following sections: - Server configuration, including connection to the database and end-user authentication. See the [Server Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/index.md) topic for additional information. - Agent configuration, including connection to the managed systems. See the - [ Agent Configuration ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md) topic for additional information. + [Agent Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md) topic for additional information. - Monitoring, indicating how to set up monitoring for Identity Manager. See the - [ Monitoring ](/docs/identitymanager/saas/integration-guide/monitoring/index.md)topic for additional information. + [Monitoring](/docs/identitymanager/saas/integration-guide/monitoring/index.md)topic for additional information. ## Write Settings @@ -77,7 +77,7 @@ Relevant files for the Agent can be found in its working directory: - `appsettings.cyberArk.agent.json` Each setting file is organized into several sections as shown in the Sets, Sections and values -diagram. See the [ Architecture ](/docs/identitymanager/saas/integration-guide/architecture/index.md) topic for additional information. +diagram. See the [Architecture](/docs/identitymanager/saas/integration-guide/architecture/index.md) topic for additional information. Each section's name matches a top level attribute of the file's `json` object. @@ -107,7 +107,7 @@ settings.example.json ``` In Integrated-agent mode, agent configuration is written to the Server's `appsettings.json` file. -See the [ Overview ](/docs/identitymanager/saas/installation-guide/overview/index.md) topic for additional information. +See the [Overview](/docs/identitymanager/saas/installation-guide/overview/index.md) topic for additional information. #### Reminder @@ -200,6 +200,6 @@ Configuration encompasses: - The Server configuration with a connection to the database and end-user authentication. See the [Server Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/index.md) topic for additional information. - The Agent configuration with a connection to the managed systems. See the - [ Agent Configuration ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md)topic for additional information. -- The Logger configuration. See the [ Monitoring ](/docs/identitymanager/saas/integration-guide/monitoring/index.md)topic for additional + [Agent Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md)topic for additional information. +- The Logger configuration. See the [Monitoring](/docs/identitymanager/saas/integration-guide/monitoring/index.md)topic for additional information. diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md index 881134327c..c1e790a9e6 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md @@ -16,7 +16,7 @@ methods and External methods. It is highly recommended that you use an External method. Internal methods are mostly used for debug, test and development purposes. -Internal methods +**Internal methods** The Internal methods use Identity Manager Server's internal authentication server. They rely on one of these Identity Server User Stores: @@ -24,7 +24,7 @@ of these Identity Server User Stores: - Test User Store, used in development environments. - Active Directory User Store, using an Active Directory to authenticate. -External methods +**External methods** External methods use external authentication providers. @@ -39,7 +39,7 @@ The types of authentication providers supported by Identity Manager are: - [SAML2](http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html) - [Integrated Windows Authentication (IWA)](https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/integrated-windows-authentication) -Using more than one provider +**Using more than one provider** For each authentication method, one or several authentication providers can be set up. If several authentication providers are set up, end-users will be prompted to choose their preferred method of @@ -78,7 +78,7 @@ The archive is set using the following attributes on the appsettings > IdentityS - X509KeyFilePassword (optional) is the [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. -Example +**Example** Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -103,7 +103,7 @@ appsettings > IdentityServer section: | X509StoreLocation required | Sets the Relevant Windows certificate store's location: `LocalMachine` or `CurrentUser`. | | X509StoreName required | Sets the relevant Windows certificate store's name. | -Example +**Example** Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -117,12 +117,15 @@ script in the command line. ``` -**NOTE:** Identity Manager Server won't start if the +:::note +Identity Manager Server won't start if the [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive set up during this step is identical to the one provided with the SDK. Users must provide their own certificate. Self-signed certificates are accepted as valid. See the[Install the Server](/docs/identitymanager/saas/installation-guide/production-ready/server/index.md)topic for additional information. +::: + ## Configuration Section Description @@ -182,18 +185,21 @@ to enable Identity Manager's testers to identify which authentication method is in the code, with a mnemonic name. Any name can be used as long as all AuthenticationSchemes are different. -**NOTE:** This guide doesn't cover how to set up authorizations within Identity Manager. +:::note +This guide doesn't cover how to set up authorizations within Identity Manager. Authorization for an end-user to access Identity Manager resources relies on assigning roles to profiles. Identity credentials used for authentication must be linked to these profiles in the -applicative configuration. See the [ Various XML Settings ](/docs/identitymanager/saas/integration-guide/network-configuration/settings/index.md)topic for +applicative configuration. See the [Various XML Settings](/docs/identitymanager/saas/integration-guide/network-configuration/settings/index.md)topic for additional information. +::: + Authentication-related settings are done through the following sections of the appsettings set: - IdentityServer - Authentication -See the[ Architecture ](/docs/identitymanager/saas/integration-guide/architecture/index.md)topic for additional information. +See the[Architecture](/docs/identitymanager/saas/integration-guide/architecture/index.md)topic for additional information. ### Identity Server @@ -250,8 +256,11 @@ retrieves identity credentials from the Windows session where the user is logged to the domain controller for authentication. The domain controller confirms the user's identity and validates it for Identity Manager. The end-user doesn't have to input any credentials. -**NOTE:** If Integrated Windows Authentication is used, internal methods have to be disabled with +:::note +If Integrated Windows Authentication is used, internal methods have to be disabled with the `"AllowLocalLogin":false` setting. +::: + ### Requirements @@ -299,11 +308,11 @@ Integrated Windows Authentication is configured using the following sections: One or several OpenID Connect authentication providers can be set up under the Authentication > OpenId section. -Multiple providers +**Multiple providers** One or several OpenID Connect authentication providers can be set up. -Registration process +**Registration process** Using an OpenID Connect authentication requires the Identity Manager Server to be registered to the provider. A ClientID and a ClientSecret are issued as a result of the registration process. They @@ -312,7 +321,7 @@ both allow Identity Manager to identify itself to the authentication provider. of how to register Identity Manager to an Microsoft Entra ID (formerly Microsoft Azure AD) used as OpenID Connect provider. -Callback URL +**Callback URL** The target OpenID Connect provider needs to be aware of the URI where to send the authentication token if the authentication succeeds. Depending on the provider, it is called a callback URL, a @@ -324,18 +333,18 @@ Identity Manager's callback URL for OpenID Connect is ` `` is the address of your Identity Manager Server such as `https://identitymanager.contoso.com`. -Authority +**Authority** An OpenID Connect provider is identified by its Authority, according to the [OpenID ](https://openid.net/connect/)Connect specifications. -NameClaimType +**NameClaimType** To authorize an end-user, Identity Manager Server retrieves a specific claim (a key-value pair, transmitted through the OIDC-issued JWT token) returned by the provider and looks for a resource that matches this claim's value. The comparison is carried out according to the resource and property set as the end-user's identity in the applicative configuration. See the -[ Select User by Identity Query Handler Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md) +[Select User by Identity Query Handler Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md) The name of the claim that is retrieved for this purpose defaults to `sub` which is one of the standard @@ -346,8 +355,11 @@ Claim names. For this reason, the name of the claim that is retrieved by Identity Manager for authorization purposes can be set up according to the provider's specifics. -**NOTE:** Users should be able to get a list of the claim names used by their authentication +:::note +Users should be able to get a list of the claim names used by their authentication providers from their providers' portal website, documentation or administrators. +::: + For example, the following claim provides no meaningful `sub` value. @@ -399,7 +411,7 @@ Under the new subsection, the following parameters are used to configure the aut | ClientId required | String | Is the Client ID issued during the registration of Identity Manager to the chosen OpenID Connect provider. | | ClientSecret required | String | Is the Client Secret issued during the registration of Identity Manager to the chosen OpenID Connect provider. | | Authority required | String | This URL identifies the OpenID Connect provider for Identity Manager according to the [OpenID Connect specifications](https://openid.net/connect/). It can be retrieved from the target OpenID Connect provider documentation. For example, [Microsoft's documentation ](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc)indicates the Microsoft Identity Platform OpenID Connect[ ](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc)authority. | -| NameClaimType optional | String | Sets the type of the claim that will be retrieved by Identity Manager to identify the end-user. The retrieved claim will be compared against the resource and property set as the end-user's identity in the applicative configuration. See the [ Select User by Identity Query Handler Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md)topic for additional information. | +| NameClaimType optional | String | Sets the type of the claim that will be retrieved by Identity Manager to identify the end-user. The retrieved claim will be compared against the resource and property set as the end-user's identity in the applicative configuration. See the [Select User by Identity Query Handler Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md)topic for additional information. | | Scopes optional | String | Sets the list of the requested [scopes](https://auth0.com/docs/scopes/openid-connect-scopes). By default, the requested scopes are: openid, profile and email. | | SaveTokens default value: false | Boolean | Only for Okta providers. Set to `true if authentication uses an Okta provider. See the [Configure Okta](/docs/identitymanager/saas/integration-guide/network-configuration/how-tos/okta/index.md)topic for additional information. | | MetadataAddress optional | String | URL address of a copy of the metadata, used when the authority metadata cannot be accessed from the Identity Manager server, for example because of a firewall. | @@ -407,7 +419,7 @@ Under the new subsection, the following parameters are used to configure the aut | ResponseMode optional | String | Response mode for OpenIdConnect. - Query - FormPost - Fragment [See OpenId documentation](https://openid.net/specs/openid-connect-core-1_0.html). | | ResponseType optional | String | Response type for OpenIdConnect. - Code - CodeIdToken - CodeIdTokenToken - CodeToken - IdToken - IdTokenToken - None - Token See examples in the [OpenId documentation.](https://openid.net/specs/openid-connect-core-1_0.html#openid-documentation) | -Example +**Example** This example configures an OpenId Connect authority located at [https://login.microsoftonline.com/bbd35166-7c13-49f3-8041-9551f2847b69](https://login.microsoftonline.com/bbd35166-7c13-49f3-8041-9551f2847b69). @@ -450,11 +462,11 @@ script in the command line. One or several OAuth authentication providers can be set up under the authentication > OAuth section. -Multiple providers +**Multiple providers** One or several OAuth authentication providers can be set up. -Registration process +**Registration process** Using an OAuth authentication requires Identity Manager Server to be registered to the provider. A ClientID and a ClientSecret are issued as a result of the registration process. They both allow @@ -501,7 +513,7 @@ Each section is configured with the following settings: | SaveTokens default value: false | Boolean | Only for Okta providers. Set to `true if authentication uses an Okta provider. See the [Configure Okta](/docs/identitymanager/saas/integration-guide/network-configuration/configure-okta/index.md)topic for additional information. | | Scope optional | String | Sets the list of the requested [scopes](https://auth0.com/docs/scopes/openid-connect-scopes). | -Example +**Example** The following example configures an OAuth-based authentication provider identified as OAuthContoso_Washington in the configuration file. @@ -548,11 +560,11 @@ One or several WS-Federation authentication providers can be set up under the au WsFederation subsection. Examples of WS-Federation providers include Active Directory Federation Services (ADFS) and Microsoft Entra ID (AAD). -Multiple providers +**Multiple providers** One or several WS-Federation authentication providers can be set up. -Registration process +**Registration process** Using a WS-Federation authentication requires Identity ManagerServer to be registered to the provider. A Wtrealm value is set up during the registration process. The value can be generated by @@ -566,7 +578,7 @@ itself to the authentication provider. Here are two examples of registration pro [Microsoft Entra ID](https://docs.microsoft.com/en-us/aspnet/core/security/authentication/ws-federation?view=aspnetcore-5.0#microsoft-entra-id) provider -Callback URL +**Callback URL** The target WS-Federation provider needs to be aware of the URI where to send the authentication token if the authentication succeeds. Depending on the provider, it is called a callback URL, a @@ -578,7 +590,7 @@ Identity Manager's callback URL for WS-Federation is ``/signin-wsfed where `` is the address of your Identity Manager Server such as https://identitymanager.contoso.com. -Encryption algorithm +**Encryption algorithm** The nature of the encryption algorithm used for exchanging the sign-in key with the provider is automatically negotiated between Identity Manager Server and the authentication server. The most @@ -605,7 +617,7 @@ Each section is configured with the following settings: | DisplayName optional | Is the provider display name. Chosen by the user, it is used in the UI to identify the authentication method. | | AuthenticationScheme required | Is the unique identifier of this authentication method within Identity Manager. Any string value can be used, unique among all authentication methods. | -Example +**Example** This example configures a WS-Federation-based authentication provider identified as WsFederationContoso_LA in the configuration file. @@ -643,11 +655,11 @@ section. Identity Manager does not provide a signature for SAML2 authentication. -Multiple providers +**Multiple providers** One or several **SAML2** authentication providers can be set up. -Registration process +**Registration process** Using a **SAML2** authentication requires Identity Manager Server to be registered to the provider. An **Entity ID URI** value is set up for Identity Manager during the registration process. It is @@ -655,7 +667,7 @@ used as the prefix for scopes and as the value of the audience claim in access t be generated by the provider, or set manually as a URL-shaped string value. This allows Identity Manager to identify itself to the authentication provider. -Reply URL +**Reply URL** The target **SAML2** provider needs to be aware of the URI where to send the authentication token if the authentication succeeds. This URI is called **Reply URL** or **Assertion Consumer Service (ACS) @@ -669,7 +681,7 @@ https://identitymanager.contoso.com. Make sure to enter this exact URL which is treated case sensitively. -Configuration +**Configuration** First, the SAML2 method must be enabled under the authentication > SAML2 section. @@ -736,7 +748,10 @@ This information can be set one of two ways: identified by SubjectDistinguishedName or by Thumbprint. The Windows certificate also contains both the public key certificate and the private key. -_Remember,_ Netwrix recommends using Windows' certificate store. +:::tip +Remember, Netwrix recommends using Windows' certificate store. +::: + On the other hand, the PFX file takes priority over Windows' certificate, which means that when `File` is specified then the PFX certificate is used, even if the options for Windows' certificate @@ -744,9 +759,12 @@ are specified too. In both ways, missing and/or incorrect settings trigger an error and no certificate is loaded. -_Remember,_ the AzureKeyVault section is mandatory when using CertificateAzureKeyVault. Identity +:::tip +Remember, the AzureKeyVault section is mandatory when using CertificateAzureKeyVault. Identity Manager server loads the encryption certificate from Azure Key Vault only if the AzureKeyVault and EncryptionCertificate are defined at the same level in the configuration file. +::: + #### As a PFX file @@ -774,7 +792,7 @@ The archive is set using the following attributes: Storing a `.pfx` file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Identity Manager-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. The archive is set using the following attributes: @@ -817,9 +835,12 @@ If the certificate is saved in Azure Key Vault, we must define the certificate i Vault connection. See the [Azure Key Vault](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) topic for additional information. -_Remember,_ the AzureKeyVault section is mandatory when using CertificateAzureKeyVault. Identity +:::tip +Remember, the AzureKeyVault section is mandatory when using CertificateAzureKeyVault. Identity Manager server loads the encryption certificate from Azure Key Vault only if the AzureKeyVault and EncryptionCertificate are defined at the same level in the configuration file. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -849,7 +870,7 @@ script in the command line. When Internal Methods is enabled, the end-user is prompted via a form to input a login and a password. The login to be used is defined within the applicative configuration's Select User By -Identity Query Handler Setting element. See the [ Various XML Settings ](/docs/identitymanager/saas/integration-guide/network-configuration/settings/index.md) +Identity Query Handler Setting element. See the [Various XML Settings](/docs/identitymanager/saas/integration-guide/network-configuration/settings/index.md) topic for additional information. First, the AllowLocalLogin parameter needs to be set to true in the Authentication section. @@ -990,7 +1011,10 @@ method. A Test User Store can be set up under the authentication > TestUserStore section. It allows all users to authenticate with their login and the same password. -_Remember,_ this should never be used in a production environment. +:::tip +Remember, this should never be used in a production environment. +::: + The following parameters are available under the authentication > TestUserStore section: @@ -999,7 +1023,7 @@ The following parameters are available under the authentication > TestUserStore | Enabled required | Boolean | Enables or disables the OpenId Connection. | | Password required | String | Is the password for all users to authenticate Identity Manager. | -Example +**Example** Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md index 8f5f7af459..767cc7a95c 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md @@ -33,7 +33,7 @@ The appsettings set allows the following attributes and sections: | ApplicationUri required | String | URI of the server to use in log messages, to communicate with the server in tasks, to allow certain redirect URIs. It must be the same as the agent's appsettings.json's ApplicationUri. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …       “ApplicationUri”: “usercubeserver.contoso.com:5000” }` | | EncryptionCertificate required | EncryptionCertificate | Settings to configure the encryption of specific files. | | License | String | License key of the server. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …       “License”: “{"LicensedTo":"","ValidTo":"<20120905>","IdentityQuota":"<10000>","Signature":"<…>"}" }` | -| Agents optional | Agent List | List of agents' settings used to work on several environments. See the [ Architecture ](/docs/identitymanager/saas/integration-guide/architecture/index.md) topic for additional information. This way, each Agent's URI/URL is configured without altering the database. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …       “Agents”: {             “Local”: {                   “Uri”: “”             },             …       } }` | +| Agents optional | Agent List | List of agents' settings used to work on several environments. See the [Architecture](/docs/identitymanager/saas/integration-guide/architecture/index.md) topic for additional information. This way, each Agent's URI/URL is configured without altering the database. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …       “Agents”: {             “Local”: {                   “Uri”: “”             },             …       } }` | | AppDisplay optional | AppDisplay | Settings to override the application display XML configuration. See the [App Display Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/appdisplaysetting/index.md) topic for additional information. It is useful to change the application's theme and name without redeploying the whole configuration. | | ApplicationInsights optional | ApplicationInsights | Settings to plug to and configure the [App Insights](https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview) monitoring tool. | | DataProtection optional | DataProtection | Settings to configure the encryption used for the authentication cookies and the anti-forgery tokens. The data protection can be configured to share the keys between several instances of Identity Manager's server, for example when deployed in a cluster where the servers do not have the same machine id. | @@ -43,10 +43,10 @@ The appsettings set allows the following attributes and sections: | MailSettings optional | String | Settings to configure the email service. | | MaxActors default value: 20 maximum value: 50 | UInt | The maximum number of recipients who will be notified of the Workflow changes and can take action. If the number of recipients is exceeding the MaxRecipients value, then the actors will have the task assigned to them but they will not receive an email notification. In order for all actors to receive an email notification the MaxRecipients should be increased as well. | | MaxPageSize optionalAttribute | UInt | It represents the maximum number of items returned when using squeries. | -| NotUseAgent default value: false | Boolean | True to disable the use of the agent. See the[ Architecture ](/docs/identitymanager/saas/integration-guide/architecture/index.md) topic for additional information. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "":  true }` | -| OpenIdClients optional | OpenIdClient List | List of hashed secrets used to override the plain-text secrets from the OpenIdClient XML configuration. See the [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. This way, Identity Manager stores only hashed secrets, for security purposes. Each environment must have its own secret, distinct from the others. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "OpenIdClients": {             "Job": {                   "": ""             },             "PowerBI": {                   "": "<7b8N2NWka5alDrjM7rFqf7+xqq9LIcT5jSoQ+1Ci2V0>"             }       } }` | +| NotUseAgent default value: false | Boolean | True to disable the use of the agent. See the[Architecture](/docs/identitymanager/saas/integration-guide/architecture/index.md) topic for additional information. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "":  true }` | +| OpenIdClients optional | OpenIdClient List | List of hashed secrets used to override the plain-text secrets from the OpenIdClient XML configuration. See the [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) topic for additional information. This way, Identity Manager stores only hashed secrets, for security purposes. Each environment must have its own secret, distinct from the others. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "OpenIdClients": {             "Job": {                   "": ""             },             "PowerBI": {                   "": "<7b8N2NWka5alDrjM7rFqf7+xqq9LIcT5jSoQ+1Ci2V0>"             }       } }` | | PowerBISettings optional | PowerBISettings | Settings to configure the API used by Power BI to access Identity Manager data. | -| Serilog optional | Serilog | Settings to configure the logging service, complying to the Logger properties and structure. See the [ Monitoring ](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "Serilog": {             "WriteTo": [ "Console" ],             "MinimumLevel": {                   "Default": "Error",                   "Override": {                         "Usercube": "Information"                   }             }       } }` | +| Serilog optional | Serilog | Settings to configure the logging service, complying to the Logger properties and structure. See the [Monitoring](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "Serilog": {             "WriteTo": ["Console"],             "MinimumLevel": {                   "Default": "Error",                   "Override": {                         "Usercube": "Information"                   }             }       } }` | | Swagger optional | Swagger | By enabling [Swagger ](https://swagger.io/tools/swagger-ui/)you can visualize and interact with the API's resources without having any of the implementation logic in place. It is automatically generated from Identity Manager's API, with the visual documentation making it easy for back-end implementation and client-side consumption. | | TempFolderPath default value: ../Temp | String | Path to the temporary folder which contains: - ExportOutput: directory storing data exported from connectors. - JobLogs: directory storing task instance logs. - Reports: directory storing generated reports. - Packages: directory storing the downloaded package logos. - PolicySimulations: directory storing the files generated by policy simulations. - ProvisioningCache.txt: file storing the clustered provisioning cache. When enabled, this file can be used to coordinate the API cache among clusters. - CorrelationCache.txt - RiskCache.txt - ExpressionCache.txt - scheduler.lock - connector.txt - container.reset.txt: file acting as a reset command for Identity Manager's server, i.e. any change to this file triggers the reset service, thus reloading all the services instantiated by the server. This path can be overridden by **ResetSettings** > **FilepathResetService**. - Mails: directory storing the email messages. This path can be overridden by **ResetSettings** > **PickupDirectory**. - Deployment These elements can be removed, but make sure to restart the server after doing so. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "" }` | | WorkFolderPath default value: ../Work | String | Path of the work folder which contains: - Collect: directory storing the CSV source files exported by connectors. - ProvisioningOrders: directory storing the orders generated by the server. - FulfillPowerShell: PowerShell provisioner's working directory. - FulfillRobotFramework: Robot Framework's provisioner working directory. - ExportCookies: directory storing the cookies used for incremental export. - Synchronization: directory storing the agent's data collection results. - Upload: directory storing the uploaded media like uploaded pictures, before they are inserted into the database. - appsettings.connection.json These elements must not be removed, because doing so may disrupt Identity Manager's execution after restarting. Example: Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. `appsettings.json {       …     "" }` | @@ -79,7 +79,7 @@ This information can be set one of two ways: certificate will be loaded first. The thumprint is unique among the certificates so it can help with for the certificate identification. -As a PFX file +**As a PFX file** For example: @@ -106,7 +106,7 @@ The archive is set using the following attributes: Storing a .pfx file password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword tool. See the -[ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) +[Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. The archive is set using the following attributes: @@ -114,9 +114,9 @@ The archive is set using the following attributes: | Name | Type | Description | | ----------------- | ------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | File required | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive path on the host file system. | -| Password optional | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. Storing a .pfx file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword.exe tool. See the [ Usercube-Protect-CertificatePassword ](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. | +| Password optional | String | [PKCS #12](https://en.wikipedia.org/wiki/PKCS_12) archive password. Storing a .pfx file's password in plain text in a production environment is strongly discouraged. It should always be encrypted using the Usercube-Protect-CertificatePassword.exe tool. See the [Usercube-Protect-CertificatePassword](/docs/identitymanager/saas/integration-guide/executables/references/protect-certificatepassword/index.md) topic for additional information. | -As a Certificate in the Windows Store +**As a Certificate in the Windows Store** For example: @@ -143,7 +143,7 @@ The Windows certificate is set using these attributes: | StoreLocation required | String | Location of the relevant Windows certificate store: LocalMachine or CurrentUser. | | StoreName required | String | Name of the relevant Windows certificate store. | -Using Azure Key Vault +**Using Azure Key Vault** If the certificate is saved in Azure Key Vault, we must define the certificate identifier and the Vault connection. See the [Azure Key Vault](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/azure-key-vault/index.md) @@ -158,7 +158,7 @@ script in the command line. }     ``` -Disabling file encryption +**Disabling file encryption** The encryption of specific files can be disabled via the following attribute: @@ -232,8 +232,11 @@ The application insights details are: | -------------------------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | InstrumentationKey default value: null | String | Key linked to the AppInsights instance to which the server's logs, requests, dependencies and performance are to be sent. See the Microsoft [Create an Application Insights resource](https://docs.microsoft.com/en-us/azure/azure-monitor/app/create-new-resource) article for information on creating an instrumentation key. | -**NOTE:** The logs sent to AppInsights are configured through the Logger properties. See the -[ Monitoring ](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. +:::note +The logs sent to AppInsights are configured through the Logger properties. See the +[Monitoring](/docs/identitymanager/saas/integration-guide/monitoring/index.md) topic for additional information. +::: + ## PowerBI Settings diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/index.md index 22822f6d59..0c77149c7b 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/index.md @@ -14,7 +14,7 @@ database connection and some general-purpose settings. The Server configuration is included in the Server's appsettings set. The appsettings set content can be written to appsettings.json in the Server's working directory or -to environment variables. See the [ Architecture ](/docs/identitymanager/saas/integration-guide/architecture/index.md) topic for additional +to environment variables. See the [Architecture](/docs/identitymanager/saas/integration-guide/architecture/index.md) topic for additional information. The server appsettings supported attributes and sections are described in the following sections: @@ -23,7 +23,7 @@ The server appsettings supported attributes and sections are described in the fo - End-User Authentication - General-Purpose Settings -See the[ Connection to the Database ](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/database-connection/index.md), +See the[Connection to the Database](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/database-connection/index.md), [ End-User Authentication](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/end-users-authentication/index.md) and [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topics for additional information. diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/rsa-encryption/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/rsa-encryption/index.md index 8eb8d335b3..2a163c5342 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/rsa-encryption/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/rsa-encryption/index.md @@ -12,9 +12,9 @@ Identity Manager provides a few options to protect sensitive data via RSA encry Sensitive data can be RSA encrypted by using Netwrix Identity Manager (formerly Usercube)'s tools: -- [ Usercube-Protect-X509JsonValue ](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md) +- [Usercube-Protect-X509JsonValue](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonvalue/index.md) to encrypt given values; -- [ Usercube-Protect-X509JsonFile ](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md) +- [Usercube-Protect-X509JsonFile](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md) to encrypt a whole file. The file encryption tool should be used only on files that contain only plain text values, not diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/settings/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/settings/index.md index 2af7744c71..f32ca1ae84 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/settings/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/settings/index.md @@ -7,7 +7,7 @@ sidebar_position: 60 # Various XML Settings This section describes Identity Manager's -[ Settings ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/index.md) available in the +[Settings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/index.md) available in the applicative configuration. Those are mandatory. ## ConfigurationVersion @@ -16,7 +16,7 @@ This setting is used to track the current configuration version. ``` - +**** ``` @@ -30,7 +30,7 @@ This setting is used to customize the application display. ``` - +**** ``` @@ -103,7 +103,7 @@ The max number of links to display is 5. ``` - +**** ``` @@ -123,7 +123,7 @@ The max number of links to display is 5. _This attribute matches an end-user with a resource from the unified resource repository._ Authorization mechanisms within Identity Manager rely on assigning -[ Profiles ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) +[Profiles](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) to an identity-resource that stands for the end-user digital identity. To that end, and end-user authentication credentials are linked to such an identity-resource using @@ -188,7 +188,7 @@ This setting is used to filter the entity type used by authentication mechanism. ``` - +**** ``` @@ -204,7 +204,7 @@ This setting enables task delegation to a group of people. ``` - +**** ``` @@ -234,7 +234,7 @@ using the following setting: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/technical-files/appsettings.connection/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/technical-files/appsettings.connection/index.md index 7de0c17127..d74492521d 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/technical-files/appsettings.connection/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/technical-files/appsettings.connection/index.md @@ -9,7 +9,7 @@ sidebar_position: 10 ## Define configuration through UI On some configuration screens, such as the connector screen, it is possible to define some of the -[ Agent Configuration ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md). This configuration is stored in the +[Agent Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md). This configuration is stored in the **appsettings.connection.json** file, located inside the [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) work folder. @@ -17,6 +17,6 @@ The **appsettings.connection.json** file has the exact same structure as the oth [appsettings.agent](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) file. This configuration file has the highest priority among others agent's configuration sources . See -the [ Agent Configuration ](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md) topic for additional information. +the [Agent Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/index.md) topic for additional information. You should not modify this file manually. diff --git a/docs/identitymanager/saas/integration-guide/network-configuration/technical-files/index.md b/docs/identitymanager/saas/integration-guide/network-configuration/technical-files/index.md index 0ce4df1430..1983d29703 100644 --- a/docs/identitymanager/saas/integration-guide/network-configuration/technical-files/index.md +++ b/docs/identitymanager/saas/integration-guide/network-configuration/technical-files/index.md @@ -9,4 +9,4 @@ sidebar_position: 40 This section gathers information relative to the technical files that Identity Manager could use or generate in its lifecycle. -- [ appsettings.connection ](/docs/identitymanager/saas/integration-guide/network-configuration/technical-files/appsettings.connection/index.md) +- [appsettings.connection](/docs/identitymanager/saas/integration-guide/network-configuration/technical-files/appsettings.connection/index.md) diff --git a/docs/identitymanager/saas/integration-guide/notifications/custom/index.md b/docs/identitymanager/saas/integration-guide/notifications/custom/index.md index 2a9538deef..d4a3e12e18 100644 --- a/docs/identitymanager/saas/integration-guide/notifications/custom/index.md +++ b/docs/identitymanager/saas/integration-guide/notifications/custom/index.md @@ -19,17 +19,17 @@ given activity in [Workflows](/docs/identitymanager/saas/integration-guide/workf > for a workflow to continue. The configuration is made through the XML tag -[ Notification Aspect ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/notificationaspect/index.md). +[Notification Aspect](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/notificationaspect/index.md). ## Periodic Notifications A notification can be configured to be sent to a given user on a regular basis at specified times, through the -[ Send Notifications Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) +[Send Notifications Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) as part of a job. > For example, a notification can be sent automatically to remind a manager that someone arrives in > their team a month before the arrival, and again a week before. The configuration is made through the XML tag -[ Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notification/index.md). +[Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notification/index.md). diff --git a/docs/identitymanager/saas/integration-guide/notifications/how-tos/customize-native-notification/index.md b/docs/identitymanager/saas/integration-guide/notifications/how-tos/customize-native-notification/index.md index 2df8853cce..d8aa725237 100644 --- a/docs/identitymanager/saas/integration-guide/notifications/how-tos/customize-native-notification/index.md +++ b/docs/identitymanager/saas/integration-guide/notifications/how-tos/customize-native-notification/index.md @@ -5,7 +5,7 @@ This guide shows how to set a template other than the default one for native not ## Overview Identity Manager natively sends notifications for usual cases. See the -[ Native Notifications ](/docs/identitymanager/saas/integration-guide/notifications/native/index.md) topic for additional information. +[Native Notifications](/docs/identitymanager/saas/integration-guide/notifications/native/index.md) topic for additional information. These native notifications are based on cshtml templates available inside the `Runtime` folder. If the provided templates do not meet your exact needs, then they can be replaced by personalized diff --git a/docs/identitymanager/saas/integration-guide/notifications/how-tos/set-language/index.md b/docs/identitymanager/saas/integration-guide/notifications/how-tos/set-language/index.md index eac50e26ef..29b749d11a 100644 --- a/docs/identitymanager/saas/integration-guide/notifications/how-tos/set-language/index.md +++ b/docs/identitymanager/saas/integration-guide/notifications/how-tos/set-language/index.md @@ -15,7 +15,7 @@ defined, then notifications use the first language. Set the first language for the whole application by proceeding as follows: 1. In the XML configuration, create a `Language` with `IndicatorNumber` set to `1`. See the - [ Language ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md) topic for additional + [Language](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md) topic for additional information. > For example, to set English as the first language: @@ -33,7 +33,7 @@ Set the first language for the whole application by proceeding as follows: Set the language explicitly for server-side-task notifications by proceeding as follows: 1. In the XML configuration, configure `MailSetting` with a `LanguageCode`See the - [ Mail Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md) topic + [Mail Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md) topic for additional information. > For example, to set the language to English: diff --git a/docs/identitymanager/saas/integration-guide/notifications/index.md b/docs/identitymanager/saas/integration-guide/notifications/index.md index 1360ad851d..25a79e23c0 100644 --- a/docs/identitymanager/saas/integration-guide/notifications/index.md +++ b/docs/identitymanager/saas/integration-guide/notifications/index.md @@ -9,8 +9,8 @@ sidebar_position: 130 Identity Manager is able to send notification emails when an action is expected, or a job ends with an error. -Identity Manager provides [ Native Notifications ](/docs/identitymanager/saas/integration-guide/notifications/native/index.md) for usual cases, for example +Identity Manager provides [Native Notifications](/docs/identitymanager/saas/integration-guide/notifications/native/index.md) for usual cases, for example provisioning review, resource reconciliation, and role reconciliation. -[ Custom Notifications ](/docs/identitymanager/saas/integration-guide/notifications/custom/index.md) can be configured for specific needs, to be triggered by a +[Custom Notifications](/docs/identitymanager/saas/integration-guide/notifications/custom/index.md) can be configured for specific needs, to be triggered by a workflow, or periodically via a task. diff --git a/docs/identitymanager/saas/integration-guide/notifications/native/customize-native-notification/index.md b/docs/identitymanager/saas/integration-guide/notifications/native/customize-native-notification/index.md index f8801448b0..98b439e514 100644 --- a/docs/identitymanager/saas/integration-guide/notifications/native/customize-native-notification/index.md +++ b/docs/identitymanager/saas/integration-guide/notifications/native/customize-native-notification/index.md @@ -11,7 +11,7 @@ This guide shows how to set a template other than the default one for native not ## Overview Identity Manager natively sends notifications for usual cases. See the -[ Native Notifications ](/docs/identitymanager/saas/integration-guide/notifications/native/index.md) topic for additional information. +[Native Notifications](/docs/identitymanager/saas/integration-guide/notifications/native/index.md) topic for additional information. These native notifications are based on cshtml templates available inside the `Runtime` folder. If the provided templates do not meet your exact needs, then they can be replaced by personalized diff --git a/docs/identitymanager/saas/integration-guide/notifications/native/errored-jobs/index.md b/docs/identitymanager/saas/integration-guide/notifications/native/errored-jobs/index.md index bbde7f21a4..7ce41eb94b 100644 --- a/docs/identitymanager/saas/integration-guide/notifications/native/errored-jobs/index.md +++ b/docs/identitymanager/saas/integration-guide/notifications/native/errored-jobs/index.md @@ -9,6 +9,6 @@ sidebar_position: 60 Identity Manager is able to send notification emails when a job ends with an error. The notification email is sent to the user who has the necessary rights and the permission. -See the [ Native Notifications ](/docs/identitymanager/saas/integration-guide/notifications/native/index.md) and -[ Profiles & Permissions ](/docs/identitymanager/saas/integration-guide/profiles-permissions/index.md) topics for additional +See the [Native Notifications](/docs/identitymanager/saas/integration-guide/notifications/native/index.md) and +[Profiles & Permissions](/docs/identitymanager/saas/integration-guide/profiles-permissions/index.md) topics for additional information. diff --git a/docs/identitymanager/saas/integration-guide/notifications/native/index.md b/docs/identitymanager/saas/integration-guide/notifications/native/index.md index e26e9a1668..7ea166b1a9 100644 --- a/docs/identitymanager/saas/integration-guide/notifications/native/index.md +++ b/docs/identitymanager/saas/integration-guide/notifications/native/index.md @@ -15,7 +15,7 @@ Identity Manager natively sends notifications for: - Password reset to the users whose passwords are reset; - Access certification to the users selected as reviewers; -- [ Manual Provisioning ](/docs/identitymanager/saas/integration-guide/notifications/native/manual-provisioning/index.md), provisioning review and role review to the +- [Manual Provisioning](/docs/identitymanager/saas/integration-guide/notifications/native/manual-provisioning/index.md), provisioning review and role review to the users who own a profile with the permissions to perform the corresponding actions; - Jobs that finished in state completed/errored/aborted/blocked/warning to the users who own a profile with the corresponding permissions. @@ -43,5 +43,5 @@ found in `/Runtime/NotificationTemplates`. The templates for native notifications can be adjusted to specific needs through the XML tag [Notification Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md). -See the [ Customize a Native Notification ](/docs/identitymanager/saas/integration-guide/notifications/native/customize-native-notification/index.md) for +See the [Customize a Native Notification](/docs/identitymanager/saas/integration-guide/notifications/native/customize-native-notification/index.md) for additional information on how to customize native notifications. diff --git a/docs/identitymanager/saas/integration-guide/notifications/native/manual-provisioning/index.md b/docs/identitymanager/saas/integration-guide/notifications/native/manual-provisioning/index.md index 6d8d8092b5..c55eed66d1 100644 --- a/docs/identitymanager/saas/integration-guide/notifications/native/manual-provisioning/index.md +++ b/docs/identitymanager/saas/integration-guide/notifications/native/manual-provisioning/index.md @@ -13,7 +13,7 @@ Identity Manager natively sends notifications concerning manual provisioning. ### Notification Trigger The notifications are sent after a `FulfillTask` with a connection based on the -[ Manual Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket/index.md) package. +[Manual Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket/index.md) package. ### Notification Recipients diff --git a/docs/identitymanager/saas/integration-guide/notifications/set-language/index.md b/docs/identitymanager/saas/integration-guide/notifications/set-language/index.md index f79dfd51c6..8b05329ab5 100644 --- a/docs/identitymanager/saas/integration-guide/notifications/set-language/index.md +++ b/docs/identitymanager/saas/integration-guide/notifications/set-language/index.md @@ -21,7 +21,7 @@ defined, then notifications use the first language. Set the first language for the whole application by proceeding as follows: 1. In the XML configuration, create a `Language` with `IndicatorNumber` set to `1`. See the - [ Language ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md) topic for additional + [Language](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md) topic for additional information. > For example, to set English as the first language: @@ -39,7 +39,7 @@ Set the first language for the whole application by proceeding as follows: Set the language explicitly for server-side-task notifications by proceeding as follows: 1. In the XML configuration, configure `MailSetting` with a `LanguageCode`See the - [ Mail Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md) topic + [Mail Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md) topic for additional information. > For example, to set the language to English: diff --git a/docs/identitymanager/saas/integration-guide/profiles-permissions/create-assign-profiles/index.md b/docs/identitymanager/saas/integration-guide/profiles-permissions/create-assign-profiles/index.md index 10753f15db..298d73c2b8 100644 --- a/docs/identitymanager/saas/integration-guide/profiles-permissions/create-assign-profiles/index.md +++ b/docs/identitymanager/saas/integration-guide/profiles-permissions/create-assign-profiles/index.md @@ -12,7 +12,7 @@ these profiles automatically. ## Create a Profile Here is the xml configuration to create a profile in Identity Manager. See the -[ Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) topic for additional +[Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -42,7 +42,7 @@ script in the command line. The Identity Manager-Set-InternalUserProfiles task is mandatory to automatically assign the profile. The task can be selected from the Job provisioning list. See the -[ Set Internal User Profiles Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +[Set Internal User Profiles Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) topic for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the diff --git a/docs/identitymanager/saas/integration-guide/profiles-permissions/permissions/index.md b/docs/identitymanager/saas/integration-guide/profiles-permissions/permissions/index.md index ebfce795bd..8644b3bb2b 100644 --- a/docs/identitymanager/saas/integration-guide/profiles-permissions/permissions/index.md +++ b/docs/identitymanager/saas/integration-guide/profiles-permissions/permissions/index.md @@ -74,7 +74,7 @@ Here is a list of permissions required for different user profiles: - /AccessControl/AccessControlRule/Delete - Permission to delete objects of type AccessControlRule +**Permission to delete objects of type AccessControlRule** - /AccessControl/AccessControlRule/Query @@ -198,11 +198,11 @@ Here is a list of permissions required for different user profiles: - /Connectors/EntityAssociationMapping/Create - Permission to create objects of type EntityAssociationMapping +**Permission to create objects of type EntityAssociationMapping** - /Connectors/EntityAssociationMapping/Delete - Permission to delete objects of type EntityAssociationMapping +**Permission to delete objects of type EntityAssociationMapping** - /Connectors/EntityAssociationMapping/Query - Permission to query and read objects of type EntityAssociationMapping. @@ -224,15 +224,15 @@ Here is a list of permissions required for different user profiles: - /Connectors/EntityPropertyMapping/Update - Permission to update objects of type EntityPropertyMapping +**Permission to update objects of type EntityPropertyMapping** - /Connectors/EntityTypeMapping/Create - Permission to create objects of type EntityTypeMapping +**Permission to create objects of type EntityTypeMapping** - /Connectors/EntityTypeMapping/Delete - Permission to delete objects of type EntityTypeMapping +**Permission to delete objects of type EntityTypeMapping** - /Connectors/EntityTypeMapping/Query @@ -240,7 +240,7 @@ Here is a list of permissions required for different user profiles: - /Connectors/EntityTypeMapping/Update - Permission to update objects of type EntityTypeMapping +**Permission to update objects of type EntityTypeMapping** - /Connectors/EntityTypeMappingByConnectorIdQuery/Query @@ -330,8 +330,11 @@ Here is a list of permissions required for different user profiles: - The permission's recipient will receive a notification email. - **NOTE:** In order to receive the notifications, a profile must have the full permission path. + :::note + In order to receive the notifications, a profile must have the full permission path. Having a (great-)parent permission will not enable notifications for all child entities. + ::: + For example, the permission /ProvisioningPolicy/PerformManualProvisioning/Directory_User allows a profile to perform manual provisioning with Directory_User as the source entity type, and @@ -350,8 +353,11 @@ Here is a list of permissions required for different user profiles: The permission's recipient will receive a notification email. - **NOTE:** In order to receive the notifications, a profile must have the full permission path. + :::note + In order to receive the notifications, a profile must have the full permission path. Having a (great-)parent permission will not enable notifications for all child entities. + ::: + For example, the permission /ProvisioningPolicy/PerformManualProvisioning/Directory_User allows a profile to perform manual provisioning with Directory_User as the source entity type, and @@ -494,7 +500,7 @@ Here is a list of permissions required for different user profiles: - /Jobs/JobStep/Delete - Permission to delete objects of type JobStep +**Permission to delete objects of type JobStep** - /Jobs/JobStep/Query @@ -562,7 +568,7 @@ Here is a list of permissions required for different user profiles: - /Jobs/Task/Update - Permission to update objects of type Task +**Permission to update objects of type Task** - /Jobs/TaskDependOnTask/Create @@ -610,7 +616,7 @@ Here is a list of permissions required for different user profiles: - /Jobs/TaskEntityType/Update - Permission to update objects of type TaskEntityType +**Permission to update objects of type TaskEntityType** - /Jobs/TaskIdByIdentifiersQuery/Query @@ -738,11 +744,11 @@ Here is a list of permissions required for different user profiles: - /Metadata/Setting/Create - Permission to create objects of type Setting +**Permission to create objects of type Setting** - /Metadata/Setting/Delete - Permission to delete objects of type Setting +**Permission to delete objects of type Setting** - /Metadata/Setting/Query @@ -750,7 +756,7 @@ Here is a list of permissions required for different user profiles: - /Metadata/Setting/Update - Permission to update objects of type Setting +**Permission to update objects of type Setting** - /Monitoring @@ -758,15 +764,15 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedCompositeRole/Comment - Permission to comment objects of type AssignedCompositeRole +**Permission to comment objects of type AssignedCompositeRole** - /ProvisioningPolicy/AssignedCompositeRole/Create - Permission to create objects of type AssignedCompositeRole +**Permission to create objects of type AssignedCompositeRole** - /ProvisioningPolicy/AssignedCompositeRole/Delete - Permission to delete objects of type AssignedCompositeRole +**Permission to delete objects of type AssignedCompositeRole** - /ProvisioningPolicy/AssignedCompositeRole/Query @@ -774,15 +780,15 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedCompositeRole/Update - Permission to update objects of type AssignedCompositeRole +**Permission to update objects of type AssignedCompositeRole** - /ProvisioningPolicy/AssignedResourceBinary/Create - Permission to create objects of type AssignedResourceBinary +**Permission to create objects of type AssignedResourceBinary** - /ProvisioningPolicy/AssignedResourceBinary/Delete - Permission to delete objects of type AssignedResourceBinary +**Permission to delete objects of type AssignedResourceBinary** - /ProvisioningPolicy/AssignedResourceBinary/Query @@ -790,15 +796,15 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedResourceBinary/Update - Permission to update objects of type AssignedResourceBinary +**Permission to update objects of type AssignedResourceBinary** - /ProvisioningPolicy/AssignedResourceNavigation/Create - Permission to create objects of type AssignedResourceNavigation +**Permission to create objects of type AssignedResourceNavigation** - /ProvisioningPolicy/AssignedResourceNavigation/Delete - Permission to delete objects of type AssignedResourceNavigation +**Permission to delete objects of type AssignedResourceNavigation** - /ProvisioningPolicy/AssignedResourceNavigation/Query @@ -806,15 +812,15 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedResourceNavigation/Update - Permission to update objects of type AssignedResourceNavigation +**Permission to update objects of type AssignedResourceNavigation** - /ProvisioningPolicy/AssignedResourceScalar/Create - Permission to create objects of type AssignedResourceScalar +**Permission to create objects of type AssignedResourceScalar** - /ProvisioningPolicy/AssignedResourceScalar/Delete - Permission to delete objects of type AssignedResourceScalar +**Permission to delete objects of type AssignedResourceScalar** - /ProvisioningPolicy/AssignedResourceScalar/Query @@ -822,19 +828,19 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedResourceScalar/Update - Permission to update objects of type AssignedResourceScalar +**Permission to update objects of type AssignedResourceScalar** - /ProvisioningPolicy/AssignedResourceType/Comment - Permission to comment objects of type AssignedResourceType +**Permission to comment objects of type AssignedResourceType** - /ProvisioningPolicy/AssignedResourceType/Create - Permission to create objects of type AssignedResourceType +**Permission to create objects of type AssignedResourceType** - /ProvisioningPolicy/AssignedResourceType/Delete - Permission to delete objects of type AssignedResourceType +**Permission to delete objects of type AssignedResourceType** - /ProvisioningPolicy/AssignedResourceType/ManualProvisioningReview @@ -846,19 +852,19 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedResourceType/Update - Permission to update objects of type AssignedResourceType +**Permission to update objects of type AssignedResourceType** - /ProvisioningPolicy/AssignedSingleRole/Comment - Permission to comment objects of type AssignedSingleRole +**Permission to comment objects of type AssignedSingleRole** - /ProvisioningPolicy/AssignedSingleRole/Create - Permission to create objects of type AssignedSingleRole +**Permission to create objects of type AssignedSingleRole** - /ProvisioningPolicy/AssignedSingleRole/Delete - Permission to delete objects of type AssignedSingleRole +**Permission to delete objects of type AssignedSingleRole** - /ProvisioningPolicy/AssignedSingleRole/Query @@ -866,11 +872,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AssignedSingleRole/Update - Permission to update objects of type AssignedSingleRole +**Permission to update objects of type AssignedSingleRole** - /ProvisioningPolicy/AutomationRule/Create - Permission to create objects of type AutomationRule +**Permission to create objects of type AutomationRule** - /ProvisioningPolicy/AutomationRule/CreateSimulation @@ -878,7 +884,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AutomationRule/Delete - Permission to delete objects of type AutomationRule +**Permission to delete objects of type AutomationRule** - /ProvisioningPolicy/AutomationRule/DeleteSimulation @@ -898,7 +904,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/AutomationRule/Updat - Permission to update objects of type AutomationRule +**Permission to update objects of type AutomationRule** - /ProvisioningPolicy/AutomationRule/UpdateSimulation @@ -906,11 +912,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Category/Create - Permission to create objects of type Category +**Permission to create objects of type Category** - /ProvisioningPolicy/Category/Delete - Permission to delete objects of type Category +**Permission to delete objects of type Category** - /ProvisioningPolicy/Category/Query @@ -918,11 +924,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Category/Update - Permission to update objects of type Category +**Permission to update objects of type Category** - /ProvisioningPolicy/CompositeRole/Create - Permission to create objects of type CompositeRole +**Permission to create objects of type CompositeRole** - /ProvisioningPolicy/CompositeRole/CreateSimulation @@ -930,7 +936,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/CompositeRole/Delete - Permission to delete objects of type CompositeRole +**Permission to delete objects of type CompositeRole** - /ProvisioningPolicy/CompositeRole/DeleteSimulation @@ -950,7 +956,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/CompositeRole/Update - Permission to update objects of type CompositeRole +**Permission to update objects of type CompositeRole** - /ProvisioningPolicy/CompositeRole/UpdateSimulation @@ -958,7 +964,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/CompositeRoleRule/Create - Permission to create objects of type CompositeRoleRule +**Permission to create objects of type CompositeRoleRule** - /ProvisioningPolicy/CompositeRoleRule/CreateSimulation @@ -966,7 +972,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/CompositeRoleRule/Delete - Permission to delete objects of type CompositeRoleRule +**Permission to delete objects of type CompositeRoleRule** - /ProvisioningPolicy/CompositeRoleRule/DeleteSimulation @@ -986,7 +992,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/CompositeRoleRule/Update - Permission to update objects of type CompositeRoleRule +**Permission to update objects of type CompositeRoleRule** - /ProvisioningPolicy/CompositeRoleRule/UpdateSimulation @@ -994,7 +1000,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ContextRule/Create - Permission to create objects of type ContextRule +**Permission to create objects of type ContextRule** - /ProvisioningPolicy/ContextRule/CreateSimulation @@ -1002,7 +1008,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ContextRule/Delete - Permission to delete objects of type ContextRule +**Permission to delete objects of type ContextRule** - /ProvisioningPolicy/ContextRule/DeleteSimulation @@ -1022,7 +1028,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ContextRule/Update - Permission to update objects of type ContextRule +**Permission to update objects of type ContextRule** - /ProvisioningPolicy/ContextRule/UpdateSimulation @@ -1034,11 +1040,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/MiningRule/Create - Permission to create objects of type MiningRule +**Permission to create objects of type MiningRule** - /ProvisioningPolicy/MiningRule/Delete - Permission to delete objects of type MiningRule +**Permission to delete objects of type MiningRule** - /ProvisioningPolicy/MiningRule/Query @@ -1046,11 +1052,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/MiningRule/Update - Permission to update objects of type MiningRule +**Permission to update objects of type MiningRule** - /ProvisioningPolicy/Policy/Create - Permission to create objects of type Policy +**Permission to create objects of type Policy** - /ProvisioningPolicy/Policy/CreateSimulation @@ -1058,7 +1064,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Policy/Delete - Permission to delete objects of type Policy +**Permission to delete objects of type Policy** - /ProvisioningPolicy/Policy/DeleteSimulation @@ -1078,7 +1084,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Policy/Update - Permission to update objects of type Policy +**Permission to update objects of type Policy** - /ProvisioningPolicy/Policy/UpdateSimulation @@ -1086,11 +1092,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/PolicySimulation/Create - Permission to create objects of type PolicySimulation +**Permission to create objects of type PolicySimulation** - /ProvisioningPolicy/PolicySimulation/Delete - Permission to delete objects of type PolicySimulation +**Permission to delete objects of type PolicySimulation** - /ProvisioningPolicy/PolicySimulation/Query @@ -1098,7 +1104,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/PolicySimulation/Start - Permission to start a simulation of a policy +**Permission to start a simulation of a policy** - /ProvisioningPolicy/PolicySimulation/Update @@ -1170,7 +1176,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceClassificationRule/Delete - Permission to delete objects of type ResourceClassificationRule +**Permission to delete objects of type ResourceClassificationRule** - /ProvisioningPolicy/ResourceClassificationRule/DeleteSimulation @@ -1191,7 +1197,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceClassificationRule/Update - Permission to update objects of type ResourceClassificationRule +**Permission to update objects of type ResourceClassificationRule** - /ProvisioningPolicy/ResourceClassificationRule/UpdateSimulation @@ -1199,7 +1205,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceCorrelationRule/Create - Permission to create objects of type ResourceCorrelationRule +**Permission to create objects of type ResourceCorrelationRule** - /ProvisioningPolicy/ResourceCorrelationRule/CreateSimulation @@ -1207,7 +1213,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceCorrelationRule/Delete - Permission to delete objects of type ResourceCorrelationRule +**Permission to delete objects of type ResourceCorrelationRule** - /ProvisioningPolicy/ResourceCorrelationRule/DeleteSimulation @@ -1228,7 +1234,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceCorrelationRule/Update - Permission to update objects of type ResourceCorrelationRule +**Permission to update objects of type ResourceCorrelationRule** - /ProvisioningPolicy/ResourceCorrelationRule/UpdateSimulation @@ -1242,7 +1248,7 @@ Here is a list of permissions required for different user profiles: Permission to query and read objects of type ResourceManageableAccounts - /ProvisioningPolicy/ResourceNavigationRule/Create +**/ProvisioningPolicy/ResourceNavigationRule/Create** - Permission to create objects of type ResourceNavigationRule - /ProvisioningPolicy/ResourceNavigationRule/CreateSimulation @@ -1251,7 +1257,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceNavigationRule/Delete - Permission to delete objects of type ResourceNavigationRule +**Permission to delete objects of type ResourceNavigationRule** - /ProvisioningPolicy/ResourceNavigationRule/DeleteSimulation @@ -1272,7 +1278,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceNavigationRule/Update - Permission to update objects of type ResourceNavigationRule +**Permission to update objects of type ResourceNavigationRule** - /ProvisioningPolicy/ResourceNavigationRule/UpdateSimulation @@ -1280,7 +1286,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceQueryRule/Create - Permission to create objects of type ResourceQueryRule +**Permission to create objects of type ResourceQueryRule** - /ProvisioningPolicy/ResourceQueryRule/CreateSimulation @@ -1288,7 +1294,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceQueryRule/Delete - Permission to delete objects of type ResourceQueryRule +**Permission to delete objects of type ResourceQueryRule** - /ProvisioningPolicy/ResourceQueryRule/DeleteSimulation @@ -1308,7 +1314,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceQueryRule/Update - Permission to update objects of type ResourceQueryRule +**Permission to update objects of type ResourceQueryRule** - /ProvisioningPolicy/ResourceQueryRule/UpdateSimulation @@ -1316,7 +1322,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceScalarRule/Create - Permission to create objects of type ResourceScalarRule +**Permission to create objects of type ResourceScalarRule** - /ProvisioningPolicy/ResourceScalarRule/CreateSimulation @@ -1324,7 +1330,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceScalarRule/Delete - Permission to delete objects of type ResourceScalarRule +**Permission to delete objects of type ResourceScalarRule** - /ProvisioningPolicy/ResourceScalarRule/DeleteSimulation @@ -1344,7 +1350,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceScalarRule/Update - Permission to update objects of type ResourceScalarRule +**Permission to update objects of type ResourceScalarRule** - /ProvisioningPolicy/ResourceScalarRule/UpdateSimulation @@ -1352,7 +1358,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceType/Create - Permission to create objects of type ResourceType +**Permission to create objects of type ResourceType** - /ProvisioningPolicy/ResourceType/CreateSimulation @@ -1360,7 +1366,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceType/Delete - Permission to delete objects of type ResourceType +**Permission to delete objects of type ResourceType** - /ProvisioningPolicy/ResourceType/DeleteSimulation @@ -1380,7 +1386,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceType/Update - Permission to update objects of type ResourceType +**Permission to update objects of type ResourceType** - /ProvisioningPolicy/ResourceType/UpdateSimulation @@ -1388,7 +1394,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceTypeRule/Create - Permission to create objects of type ResourceTypeRule +**Permission to create objects of type ResourceTypeRule** - /ProvisioningPolicy/ResourceTypeRule/CreateSimulation @@ -1396,7 +1402,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceTypeRule/Delete - Permission to delete objects of type ResourceTypeRule +**Permission to delete objects of type ResourceTypeRule** - /ProvisioningPolicy/ResourceTypeRule/DeleteSimulation @@ -1416,7 +1422,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/ResourceTypeRule/Update - Permission to update objects of type ResourceTypeRule +**Permission to update objects of type ResourceTypeRule** - /ProvisioningPolicy/ResourceTypeRule/UpdateSimulation @@ -1424,11 +1430,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Risk/Create - Permission to create objects of type Risk +**Permission to create objects of type Risk** - /ProvisioningPolicy/Risk/Delete - Permission to delete objects of type Risk +**Permission to delete objects of type Risk** - /ProvisioningPolicy/Risk/OverrideApproval @@ -1444,15 +1450,15 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/Risk/Update - Permission to update objects of type Risk +**Permission to update objects of type Risk** - /ProvisioningPolicy/RoleMapping/Create - Permission to create objects of type RoleMapping +**Permission to create objects of type RoleMapping** - /ProvisioningPolicy/RoleMapping/Delete - Permission to delete objects of type RoleMapping +**Permission to delete objects of type RoleMapping** - /ProvisioningPolicy/RoleMapping/Query @@ -1460,11 +1466,11 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/RoleMapping/Update - Permission to update objects of type RoleMapping +**Permission to update objects of type RoleMapping** - /ProvisioningPolicy/SingleRole/Create - Permission to create objects of type SingleRole +**Permission to create objects of type SingleRole** - /ProvisioningPolicy/SingleRole/CreateSimulation @@ -1472,7 +1478,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/SingleRole/Delete - Permission to delete objects of type SingleRole +**Permission to delete objects of type SingleRole** - /ProvisioningPolicy/SingleRole/DeleteSimulation @@ -1492,7 +1498,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/SingleRole/Update - Permission to update objects of type SingleRole +**Permission to update objects of type SingleRole** - /ProvisioningPolicy/SingleRole/UpdateSimulation @@ -1500,7 +1506,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/SingleRoleRule/Create - Permission to create objects of type SingleRoleRule +**Permission to create objects of type SingleRoleRule** - /ProvisioningPolicy/SingleRoleRule/CreateSimulation @@ -1508,7 +1514,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/SingleRoleRule/Delete - Permission to delete objects of type SingleRoleRule +**Permission to delete objects of type SingleRoleRule** - /ProvisioningPolicy/SingleRoleRule/DeleteSimulation @@ -1528,7 +1534,7 @@ Here is a list of permissions required for different user profiles: - /ProvisioningPolicy/SingleRoleRule/Update - Permission to update objects of type SingleRoleRule +**Permission to update objects of type SingleRoleRule** - /ProvisioningPolicy/SingleRoleRule/UpdateSimulation @@ -1544,11 +1550,11 @@ Here is a list of permissions required for different user profiles: - /Report/ReportQuery/Create - Permission to create objects of type ReportQuery +**Permission to create objects of type ReportQuery** - /Report/ReportQuery/Delete - Permission to delete objects of type ReportQuery +**Permission to delete objects of type ReportQuery** - /Report/ReportQuery/Query @@ -1556,7 +1562,7 @@ Here is a list of permissions required for different user profiles: - /Report/ReportQuery/Update - Permission to update objects of type ReportQuery +**Permission to update objects of type ReportQuery** - /Resources/Incremental/Query @@ -1564,11 +1570,11 @@ Here is a list of permissions required for different user profiles: - /Resources/Resource/Create - Permission to create objects of type Resource +**Permission to create objects of type Resource** - /Resources/Resource/Delete - Permission to delete objects of type Resource +**Permission to delete objects of type Resource** - /Resources/Resource/Query @@ -1576,7 +1582,7 @@ Here is a list of permissions required for different user profiles: - /Resources/Resource/Update - Permission to update objects of type Resource +**Permission to update objects of type Resource** - /Settings/Manage - /Universes/EntityInstance/Query @@ -1601,23 +1607,23 @@ Here is a list of permissions required for different user profiles: - /UserInterface/ConnectorResourceType/Create - Permission to create objects of type ConnectorResourceType +**Permission to create objects of type ConnectorResourceType** - /UserInterface/ConnectorResourceType/Delete - Permission to delete objects of type ConnectorResourceType +**Permission to delete objects of type ConnectorResourceType** - /UserInterface/ConnectorResourceType/Update - Permission to update objects of type ConnectorResourceType +**Permission to update objects of type ConnectorResourceType** - /UserInterface/DisplayEntityAssociation/Create - Permission to create objects of type DisplayEntityAssociation +**Permission to create objects of type DisplayEntityAssociation** - /UserInterface/DisplayEntityAssociation/Delete - Permission to delete objects of type DisplayEntityAssociation +**Permission to delete objects of type DisplayEntityAssociation** - /UserInterface/DisplayEntityAssociation/Query @@ -1625,15 +1631,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayEntityAssociation/Update - Permission to update objects of type DisplayEntityAssociation +**Permission to update objects of type DisplayEntityAssociation** - /UserInterface/DisplayEntityProperty/Create - Permission to create objects of type DisplayEntityProperty +**Permission to create objects of type DisplayEntityProperty** - /UserInterface/DisplayEntityProperty/Delete - Permission to delete objects of type DisplayEntityProperty +**Permission to delete objects of type DisplayEntityProperty** - /UserInterface/DisplayEntityProperty/Query @@ -1641,15 +1647,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayEntityProperty/Update - Permission to update objects of type DisplayEntityProperty +**Permission to update objects of type DisplayEntityProperty** - /UserInterface/DisplayEntityType/Create - Permission to create objects of type DisplayEntityType +**Permission to create objects of type DisplayEntityType** - /UserInterface/DisplayEntityType/Delete - Permission to delete objects of type DisplayEntityType +**Permission to delete objects of type DisplayEntityType** - /UserInterface/DisplayEntityType/Query @@ -1657,15 +1663,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayEntityType/Update - Permission to update objects of type DisplayEntityType +**Permission to update objects of type DisplayEntityType** - /UserInterface/DisplayPropertyGroup/Create - Permission to create objects of type DisplayPropertyGroup +**Permission to create objects of type DisplayPropertyGroup** - /UserInterface/DisplayPropertyGroup/Delete - Permission to delete objects of type DisplayPropertyGroup +**Permission to delete objects of type DisplayPropertyGroup** - /UserInterface/DisplayPropertyGroup/Query @@ -1673,15 +1679,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayPropertyGroup/Update - Permission to update objects of type DisplayPropertyGroup +**Permission to update objects of type DisplayPropertyGroup** - /UserInterface/DisplayTable/Create - Permission to create objects of type DisplayTable +**Permission to create objects of type DisplayTable** - /UserInterface/DisplayTable/Delete - Permission to delete objects of type DisplayTable +**Permission to delete objects of type DisplayTable** - /UserInterface/DisplayTable/Query @@ -1689,15 +1695,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayTable/Update - Permission to update objects of type DisplayTable +**Permission to update objects of type DisplayTable** - /UserInterface/DisplayTableColumn/Create - Permission to create objects of type DisplayTableColumn +**Permission to create objects of type DisplayTableColumn** - /UserInterface/DisplayTableColumn/Delete - Permission to delete objects of type DisplayTableColumn +**Permission to delete objects of type DisplayTableColumn** - /UserInterface/DisplayTableColumn/Query @@ -1705,7 +1711,7 @@ Here is a list of permissions required for different user profiles: - /UserInterface/DisplayTableColumn/Update - Permission to update objects of type DisplayTableColumn +**Permission to update objects of type DisplayTableColumn** - /UserInterface/DisplayTableDesignElement/Query @@ -1717,11 +1723,11 @@ Here is a list of permissions required for different user profiles: - /UserInterface/Form/Create - Permission to create objects of type Form +**Permission to create objects of type Form** - /UserInterface/Form/Delete - Permission to delete objects of type Form +**Permission to delete objects of type Form** - /UserInterface/Form/Query @@ -1729,15 +1735,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/Form/Updat - Permission to update objects of type Form +**Permission to update objects of type Form** - /UserInterface/FormControl/Create - Permission to create objects of type FormControl +**Permission to create objects of type FormControl** - /UserInterface/FormControl/Delete - Permission to delete objects of type FormControl +**Permission to delete objects of type FormControl** - /UserInterface/FormControl/Query @@ -1745,7 +1751,7 @@ Here is a list of permissions required for different user profiles: - /UserInterface/FormControl/Update - Permission to update objects of type FormControl +**Permission to update objects of type FormControl** - /UserInterface/HierarchyDataByEntityTypeIdQuery/Query @@ -1753,11 +1759,11 @@ Here is a list of permissions required for different user profiles: - /UserInterface/Indicator/Create - Permission to create objects of type Indicator +**Permission to create objects of type Indicator** - /UserInterface/Indicator/Delete - Permission to delete objects of type Indicator +**Permission to delete objects of type Indicator** - /UserInterface/Indicator/Query @@ -1765,15 +1771,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/Indicator/Update - Permission to update objects of type Indicator +**Permission to update objects of type Indicator** - /UserInterface/IndicatorItem/Create - Permission to create objects of type IndicatorItem +**Permission to create objects of type IndicatorItem** - /UserInterface/IndicatorItem/Delete - Permission to delete objects of type IndicatorItem +**Permission to delete objects of type IndicatorItem** - /UserInterface/IndicatorItem/Query @@ -1781,7 +1787,7 @@ Here is a list of permissions required for different user profiles: - /UserInterface/IndicatorItem/Update - Permission to update objects of type IndicatorItem +**Permission to update objects of type IndicatorItem** - /UserInterface/PersonasByFilterQuery/Query @@ -1810,11 +1816,11 @@ Here is a list of permissions required for different user profiles: - /UserInterface/SearchBar/Create - Permission to create objects of type SearchBar +**Permission to create objects of type SearchBar** - /UserInterface/SearchBar/Delete - Permission to delete objects of type SearchBar +**Permission to delete objects of type SearchBar** - /UserInterface/SearchBar/Query @@ -1822,15 +1828,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/SearchBar/Update - Permission to update objects of type SearchBar +**Permission to update objects of type SearchBar** - /UserInterface/SearchBarCriterion/Create - Permission to create objects of type SearchBarCriterion +**Permission to create objects of type SearchBarCriterion** - /UserInterface/SearchBarCriterion/Delete - Permission to delete objects of type SearchBarCriterion +**Permission to delete objects of type SearchBarCriterion** - /UserInterface/SearchBarCriterion/Query @@ -1838,15 +1844,15 @@ Here is a list of permissions required for different user profiles: - /UserInterface/SearchBarCriterion/Update - Permission to update objects of type SearchBarCriterion +**Permission to update objects of type SearchBarCriterion** - /UserInterface/Tile/Create - Permission to create objects of type Tile +**Permission to create objects of type Tile** - /UserInterface/Tile/Delete - Permission to delete objects of type Tile +**Permission to delete objects of type Tile** - /UserInterface/Tile/Query @@ -1854,7 +1860,7 @@ Here is a list of permissions required for different user profiles: - /UserInterface/Tile/Update - Permission to update objects of type Tile +**Permission to update objects of type Tile** - /UserInterface/TileDesignElement/Query @@ -1862,11 +1868,11 @@ Here is a list of permissions required for different user profiles: - /UserInterface/TileItem/Create - Permission to create objects of type TileItem +**Permission to create objects of type TileItem** - /UserInterface/TileItem/Delete - Permission to delete objects of type TileItem +**Permission to delete objects of type TileItem** - /UserInterface/TileItem/Query @@ -1874,7 +1880,7 @@ Here is a list of permissions required for different user profiles: - /UserInterface/TileItem/Update - Permission to update objects of type TileItem +**Permission to update objects of type TileItem** - /UserInterface/UserByIdentityQuery/Query @@ -1890,11 +1896,11 @@ Here is a list of permissions required for different user profiles: - /Workflows/Activity/Create - Permission to create objects of type Activity +**Permission to create objects of type Activity** - /Workflows/Activity/Delete - Permission to delete objects of type Activity +**Permission to delete objects of type Activity** - /Workflows/Activity/Query @@ -1902,7 +1908,7 @@ Here is a list of permissions required for different user profiles: - /Workflows/Activity/Update - Permission to update objects of type Activity +**Permission to update objects of type Activity** - /Workflows/ActivityInstance/Query @@ -1930,11 +1936,11 @@ Here is a list of permissions required for different user profiles: - /Workflows/HomonymEntityLink/Create - Permission to create objects of type HomonymEntityLink +**Permission to create objects of type HomonymEntityLink** - /Workflows/HomonymEntityLink/Delete - Permission to delete objects of type HomonymEntityLink +**Permission to delete objects of type HomonymEntityLink** - /Workflows/HomonymEntityLink/Query @@ -1942,7 +1948,7 @@ Here is a list of permissions required for different user profiles: - /Workflows/HomonymEntityLink/Update - Permission to update objects of type HomonymEntityLink +**Permission to update objects of type HomonymEntityLink** - /Workflows/UserActivityInstance/AssignedTo @@ -1962,11 +1968,11 @@ Here is a list of permissions required for different user profiles: - /Workflows/Workflow/Create - Permission to create objects of type Workflow +**Permission to create objects of type Workflow** - /Workflows/Workflow/Delete - Permission to delete objects of type Workflow +**Permission to delete objects of type Workflow** - /Workflows/Workflow/Query @@ -1974,7 +1980,7 @@ Here is a list of permissions required for different user profiles: - /Workflows/Workflow/Update - Permission to update objects of type Workflow +**Permission to update objects of type Workflow** - /Workflows/WorkflowInstance/Query @@ -1984,7 +1990,7 @@ Here is a list of permissions required for different user profiles: - /Workflows/WorkflowInstance/Start - /Workflows/WorkflowInstance/Supervise - Permission to supervise objects of type WorkflowInstance +**Permission to supervise objects of type WorkflowInstance** - /Workflows/WorkflowInstanceData/Query diff --git a/docs/identitymanager/saas/integration-guide/profiles-permissions/rightsrestriction/index.md b/docs/identitymanager/saas/integration-guide/profiles-permissions/rightsrestriction/index.md index e885233587..2f44b2a5d7 100644 --- a/docs/identitymanager/saas/integration-guide/profiles-permissions/rightsrestriction/index.md +++ b/docs/identitymanager/saas/integration-guide/profiles-permissions/rightsrestriction/index.md @@ -37,7 +37,7 @@ Assign a profile based on users' dimensions by proceeding as follows: > > ``` - See the [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for + See the [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. 2. Write profile rules and profile rule contexts to make the previously created dimensions act as @@ -55,7 +55,7 @@ Assign a profile based on users' dimensions by proceeding as follows: The profile rule context must use a Sub-Binding to define the entity type that contains the dimension information. - See the [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for + See the [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. ## Limit an Entity's Visibility @@ -72,7 +72,7 @@ Limit an entity's visibility by proceeding as follows: > > ``` - See the [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for + See the [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. 2. Create an access control entity type to list all the properties whose visibility must be @@ -88,7 +88,7 @@ Limit an entity's visibility by proceeding as follows: As a result, all the properties listed in the access control entity type are hidden from users by default when they have the usual permissions written above. See the - [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for + [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. To be able to see these properties, a user must have these permissions with a full access. @@ -141,5 +141,5 @@ the profile. > > ``` -See the [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for +See the [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/integration-guide/provisioning/argumentsexpression/index.md b/docs/identitymanager/saas/integration-guide/provisioning/argumentsexpression/index.md index 21c94d5170..aa8dbc9fce 100644 --- a/docs/identitymanager/saas/integration-guide/provisioning/argumentsexpression/index.md +++ b/docs/identitymanager/saas/integration-guide/provisioning/argumentsexpression/index.md @@ -78,7 +78,7 @@ if (provisioningOrder.TryGetScalar("EmployeeId", out var employeeId) && (employe } } -return arguments;" /> +**return arguments;" />** ``` diff --git a/docs/identitymanager/saas/integration-guide/provisioning/how-tos/argumentsexpression/index.md b/docs/identitymanager/saas/integration-guide/provisioning/how-tos/argumentsexpression/index.md index fe625a23cd..eafa07c934 100644 --- a/docs/identitymanager/saas/integration-guide/provisioning/how-tos/argumentsexpression/index.md +++ b/docs/identitymanager/saas/integration-guide/provisioning/how-tos/argumentsexpression/index.md @@ -72,7 +72,7 @@ if (provisioningOrder.TryGetScalar("EmployeeId", out var employeeId) && (employe } } -return arguments;" /> +**return arguments;" />** ``` diff --git a/docs/identitymanager/saas/integration-guide/provisioning/prov-thresholds/index.md b/docs/identitymanager/saas/integration-guide/provisioning/prov-thresholds/index.md index 8d36336b95..720fab9b7d 100644 --- a/docs/identitymanager/saas/integration-guide/provisioning/prov-thresholds/index.md +++ b/docs/identitymanager/saas/integration-guide/provisioning/prov-thresholds/index.md @@ -17,7 +17,7 @@ Thresholds can be deactivated via the value `0`, though **they should not all be be "guarded" by at least one threshold. Once the changes have been reviewed, the blocked job can be resumed (or not). See the -[ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topic for additional +[Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topic for additional information. ## Thresholds for Provisioning @@ -36,5 +36,5 @@ the generation of provisioning orders. They are configured with: All thresholds are active. Therefore, the lowest threshold (according to the specific situation) would be the first to stop the generation of provisioning orders. -Distinct [ Thresholds ](/docs/identitymanager/saas/integration-guide/synchronization/synchro-thresholds/index.md) are configurable for +Distinct [Thresholds](/docs/identitymanager/saas/integration-guide/synchronization/synchro-thresholds/index.md) are configurable for synchronization. diff --git a/docs/identitymanager/saas/integration-guide/resources/index.md b/docs/identitymanager/saas/integration-guide/resources/index.md index 848d552878..1e0757bfca 100644 --- a/docs/identitymanager/saas/integration-guide/resources/index.md +++ b/docs/identitymanager/saas/integration-guide/resources/index.md @@ -13,7 +13,7 @@ repository. The source of truth for the engine is the data from external sources that are copied into Identity Manager's database. This persisted set of data, called _resources_, is stored in the **Resource -Repository**. See the [ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) +Repository**. See the [Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. The repository keeps a full history of all the changes performed to the resources. It is hence @@ -28,7 +28,7 @@ Resources can be added to the resource repository from one of four ways: a reasonable amount of data. This is often used to input reference data that is not in the managed systems, or for which no source of truth exists. 3. Load data from a CSV file. This is how data from managed systems are loaded most of the time. See - the [ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) topic for + the [Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. Any reference of identity data can be loaded into Identity Manager using CSV files. This is useful if the target organization already possess such files or can produce them easily. diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/assignment-dates/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/assignment-dates/index.md index 6b554f3b3a..012b10b535 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/assignment-dates/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/assignment-dates/index.md @@ -27,5 +27,5 @@ its end date equal to the records' latest end date. ## For Automatic Assignments The start and end dates of any automatic assignment are based on the dates from the -[ Context Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md)defined for the +[Context Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md)defined for the identities. diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md index ebf11e2b93..2b0a36693c 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md @@ -12,7 +12,7 @@ Assigning entitlements means giving users specific permissions, or access rights As Identity Manager relies on a [role-based](https://en.wikipedia.org/wiki/Role-based_access_control) assignment policy, entitlement -assignment is simply role assignment. See the [ Role Model ](/docs/identitymanager/saas/integration-guide/role-model/index.md)topic for +assignment is simply role assignment. See the [Role Model](/docs/identitymanager/saas/integration-guide/role-model/index.md)topic for additional information. So once a user is assigned a role, Identity Manager must make the right changes in the managed @@ -33,7 +33,7 @@ computing expected assignments based on existing users and the policy's roles an assignments can: - Result directly from the application of assignment rules on identities. See the - [ Assignment Policy ](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md)topic for additional information. + [Assignment Policy](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md)topic for additional information. - Be inferred and cascading from another assignment. Manual assignments and degradations are on the other hand, need to be requested individually through @@ -44,9 +44,12 @@ the UI. Some entitlements require the approval of one or several knowledgeable users before actually being assigned. This is standard procedure in many security-concerned organizations. -**NOTE:** This is configurable through the role's or resource type's approval workflow type. See the -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for +:::note +This is configurable through the role's or resource type's approval workflow type. See the +[Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. +::: + Each step of the approval workflow is associated with a workflow state, so that all assignments can be tracked and it is clear what step they are at. @@ -69,8 +72,11 @@ In addition to the workflow state that represents an assignment's progress in th any assignment also has a provisioning state to represent its progress in its lifetime from creation in the database to provisioning to the managed system and to its eventual deletion. -**NOTE:** Contrary to the workflow state that concerns all assignments, the provisioning state is +:::note +Contrary to the workflow state that concerns all assignments, the provisioning state is only about the assignments that need provisioning. +::: + For example, roles exist only in Identity Manager and not in the managed systems, so assigned roles do not have a provisioning state, unlike assigned resource types, scalars and navigation, etc. @@ -120,9 +126,12 @@ therefore: permission; - Kept as an exception if the configured rules do not apply to this particular case. -**NOTE:** Non-conforming assignments are to be reviewed on the **Role Reconciliation** and/or +:::note +Non-conforming assignments are to be reviewed on the **Role Reconciliation** and/or **Resource Reconciliation** screens. See the [Evaluate Policy](/docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/index.md) topic for additional information. +::: + Non-conforming assignments can still be split into two categories: @@ -165,7 +174,7 @@ resource type materializes: - The categorization of the created resource, which means both the correlation of the resource to an owner, and the classification of the resource into a specific type with specific rules between owner and owned resources. See the - [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional + [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. ### Reconciliation @@ -176,8 +185,11 @@ existence or its values do not comply with the policy. For example, a SAP account is found for a user who should not have one according to the role model's rules. -**NOTE:** An account can also be an orphan when it is found in the managed system, but no owner +:::note +An account can also be an orphan when it is found in the managed system, but no owner could be correlated. +::: + ### Consolidated states @@ -193,8 +205,11 @@ together with its nested scalar/navigation assignments, and it is described by t - ConsolidatedWorkflowReviewState represents the progress in the approval workflow for a manual assignment; - **NOTE:** Except for very technical use cases, resource types should not be requested manually, + :::note + Except for very technical use cases, resource types should not be requested manually, they should only be inferred by a role and thus assigned automatically. + ::: + - ConsolidatedWorkflowBlockedState indicates whether one or more of the nested scalars/navigations are blocked; diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/configureindirectpermissions/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/configureindirectpermissions/index.md index 34f7d103c4..323f7118b9 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/configureindirectpermissions/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/configureindirectpermissions/index.md @@ -7,7 +7,7 @@ sidebar_position: 80 # Configure Indirect Permissions The following how-to assumes that you have already read the topic on -[ Indirect Permissions ](/docs/identitymanager/saas/integration-guide/role-assignment/indirectpermissions/index.md). +[Indirect Permissions](/docs/identitymanager/saas/integration-guide/role-assignment/indirectpermissions/index.md). ## Configure Indirect Permissions in an Active Directory @@ -72,9 +72,7 @@ Even if two rules of a kind are needed, only one is pictured. Do not forget the #### Indirect permission display -After running a [ -Compute Role Model Task -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), Indirect Permissions should now appear for your test user. +After running a [Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), Indirect Permissions should now appear for your test user. The next screenshots were taken after adding the direct assignment directly inside the Active Directory. As such, the direct permission is also flagged as ```Non-conforming```. diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md index cbcc4186d0..a3196a6832 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md @@ -7,7 +7,7 @@ sidebar_position: 90 # Conforming Assignments The -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) is able to compute, for a given identity, the appropriate assignments. If you are interested in a detailed description of the actual Compute Role Model task algorithm, diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/index.md index 7bb1007e53..0a16bcd540 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/index.md @@ -7,7 +7,7 @@ sidebar_position: 40 # Evaluate Policy Evaluate Policy is the core algorithm of the assignment policy. See the -[ Assignment Policy ](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) topic for additional information. +[Assignment Policy](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) topic for additional information. The algorithm is applied by the server to a resource. It has the following responsibilities: @@ -17,7 +17,7 @@ The algorithm is applied by the server to a resource. It has the following respo - Managing assignment lifecycle: updating provisioning states - Purging expired assignments -See the [ Risk Management ](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) topic for additional information. +See the [Risk Management](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) topic for additional information. ## Overview @@ -46,8 +46,8 @@ Evaluate Policy is executed by the task `Usercube-Compute-RoleModel`, usually in regularly scheduled provisioning job. See the [Connectors](/docs/identitymanager/saas/integration-guide/connectors/index.md), -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), -and [ Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) topics for additional information. +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), +and [Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) topics for additional information. ## The Algorithm Steps @@ -80,18 +80,21 @@ To improve execution time, two optimizations are used: - Identity Manager only selects resources for which a new assignment computation is needed. They are resources updated during the last incremental synchronization, and resources that depend on them. They are identified by the dirty flag, set during incremental synchronization. See the - [ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) topic for + [Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. -**NOTE:** For very few edge cases, dependencies between resource values can be difficult to identify +:::note +For very few edge cases, dependencies between resource values can be difficult to identify within Identity Manager. An example involves entity property expressions using [LINQ](https://docs.microsoft.com/en-us/dotnet/csharp/programming-guide/concepts/linq/) syntax. See -the [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)topic for +the [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)topic for additional information. A second- or third-order binding used in such an expression actually defines a dependency. But Identity Manager does not account for it, because of performance-reliability trade-offs. That means a resource `R1`, using such an expression to compute one of its properties values from another resource `R2` property value, might not be updated even if `R2` has been updated by incremental synchronization. This too can be fixed by using complete synchronization once a day. +::: + **Step 2 –** **Compute expected assignments** @@ -132,10 +135,10 @@ with the assignment rules, and are displayed in the Resource Reconciliation scre Let's detail the rule enforcement mechanisms. -Match context rules +**Match context rules** Dimensions are really the basis of an assignment process. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Before starting, a context rule is applied, giving for the input resource: @@ -145,10 +148,10 @@ Before starting, a context rule is applied, giving for the input resource: ![Computing Context For Input Resource](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/enforce-context.webp) -Computing expected role assignments +**Computing expected role assignments** Role assignments, on the other hand, are the outcome of the assignment process. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Role assignments are the output of composite role rules and single role rules enforcement. The @@ -158,7 +161,7 @@ resource-identity. ![Computing Expected Role Assignments](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/compute-expected-1.webp) -Enforcing composite role rules +**Enforcing composite role rules** The first rules that are enforced are the composite role rules. See the [Composite Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md)topic @@ -176,12 +179,15 @@ Then automation rules are enforced on assigned composite roles. See the [Automation Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md) topic for additional information. -**NOTE:** Enforcing automation rules on an assignment means to find, for each assignment, the +:::note +Enforcing automation rules on an assignment means to find, for each assignment, the matching automation rule, looking at the last review or the creation date, comparing it to the time defined in the rule and, if needed, apply the rule decision that may approve or decline the assignment. +::: + -Enforcing single role rules +**Enforcing single role rules** Then, single role rules are enforced. That means assigning a specific single role to the input resource based on its context and existing assigned composite roles, i.e. the composite roles @@ -197,10 +203,10 @@ expected assignments list. Then automation rules are enforced on assigned single roles. -Expected provisioning assignments +**Expected provisioning assignments** Fulfillment is just the consequence of the role assignment process. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Provisioning-orders-to-be are the output of resource type rules, navigation rules and scalar rules. @@ -213,7 +219,7 @@ topic for additional information. ![Computing Expected Provisioning Assignments](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/compute-expected-2.webp) -Enforcing resource type rules +**Enforcing resource type rules** Resource type rules are enforced. This means creating and adding assigned resource types to the expected assignments list. This means enforcing the need for a resource of that type to be created @@ -229,7 +235,7 @@ act of assigning a resource to an owner almost always is the consequence of a ro cases for which a single, isolated resource, is "assigned" (i.e. created with specific values) is rare and is more of a solution to a specific technical problem. -Enforcing navigation rules +**Enforcing navigation rules** Finally, navigation rules are enforced. They aim to complete the information about the resource to be created because of the assigned resource types. If the type rule is the what, this is the how. @@ -248,7 +254,7 @@ provisioning-order-to-be, of assigning a role to a resource. This means also no assigned resource type, no navigation assignment. Resource type rules are a prerequisite for the associated navigation rules to be enforced. -Enforcing scalar rules +**Enforcing scalar rules** Finally, the scalar rules associated with the target's resource type are enforced and become assigned resource scalars that will also result in a provisioning order. @@ -362,7 +368,7 @@ non conforming values in the managed systems that need to be fixed. That list will eventually become provisioning orders that will be sent to the agent for fulfillment. -What constitutes a difference? +**What constitutes a difference?** Expected resource and their values not matching the existing resource and their value, for an existing assignment with an `Applied` or `Executed` provisioning state. @@ -452,8 +458,11 @@ Differences are displayed in the following screens: - **Redundant Assignments** displays `Approved` assigned roles and assigned resource types tagged as eligible to be turned into `Calculated`. -_Remember,_ **Role Review** is a little bit different as it displays manually requested assignments +:::tip +Remember, **Role Review** is a little bit different as it displays manually requested assignments waiting for manual approval. +::: + ### A target value to update diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/existingassignmentsdeduction/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/existingassignmentsdeduction/index.md index 816949a528..b60670e329 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/existingassignmentsdeduction/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/existingassignmentsdeduction/index.md @@ -7,7 +7,7 @@ sidebar_position: 100 # Existing Assignments The -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) can deduce from synchronized data a list of assignments for every identity. ## Overview diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/generate-contexts/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/generate-contexts/index.md index 0759ae5efe..afe27848ed 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/generate-contexts/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/generate-contexts/index.md @@ -7,9 +7,9 @@ sidebar_position: 50 # Generate Contexts A context is a set of dimension-value pairs computed using the -[ Context Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) or the +[Context Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) or the combination of a context rule and the -[ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) if record +[Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) if record sections are configured. A context is used to compute the role assignments for an identity by verifying that the @@ -19,7 +19,7 @@ dimension-value pairs meet the role criteria. When using only a context rule without a record section, the context generation is straightforward: a set of dimension-value pairs is created by computing the value of the dimension bindings on the -[ Context Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md). +[Context Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md). > For example, the following context rule defines guests' contexts based on their start date, end > date, and company. @@ -36,7 +36,7 @@ As described in the [Identity Management](/docs/identitymanager/saas/integration complex to model. Records were introduced to tackle this complexity by allowing multiple positions for the same identity. -[ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) go further +[Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) go further by modeling the relationship between positions. Indeed with record sections, it is possible to define: @@ -174,4 +174,4 @@ By default, the previous position is extended when there is a gap. If there isn' position then the next position will be anticipated. The choice of the position to extend can be configured by leveraging the `SortKeyExpression` in the -position [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). +position [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/configureindirectpermissions/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/configureindirectpermissions/index.md index cfdcfa4911..9939098ab6 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/configureindirectpermissions/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/configureindirectpermissions/index.md @@ -1,7 +1,7 @@ # Configure Indirect Permissions The following how-to assumes that you have already read the topic on -[ Indirect Permissions ](/docs/identitymanager/saas/integration-guide/role-assignment/indirectpermissions/index.md). +[Indirect Permissions](/docs/identitymanager/saas/integration-guide/role-assignment/indirectpermissions/index.md). ## Configure Indirect Permissions in an Active Directory @@ -66,9 +66,7 @@ Even if two rules of a kind are needed, only one is pictured. Do not forget the #### Indirect permission display -After running a [ -Compute Role Model Task -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), Indirect Permissions should now appear for your test user. +After running a [Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md), Indirect Permissions should now appear for your test user. The next screenshots were taken after adding the direct assignment directly inside the Active Directory. As such, the direct permission is also flagged as ```Non-conforming```. diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/infer-single-roles/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/infer-single-roles/index.md index 11a080d204..1d617b32db 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/infer-single-roles/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/infer-single-roles/index.md @@ -3,14 +3,14 @@ This guide shows how to assign several single roles via the assignment of one composite role. It is possible to infer SingleRoles with -[ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md). The +[Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md). The SingleRole can only be inferred by the CompositeRole if both the CompositeRole and SingleRole rules are verified. ## Create a Dimension The restriction of resource allocations is done from a filter. To do this, it is necessary to create -[ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which +[Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which EntityTypes the filters will apply to. For the different examples of restrictions, the filters will be based on the EntityType @@ -28,7 +28,7 @@ A CompositeRole is created in the same way as a SingleRole. ``` - +**** ``` @@ -41,7 +41,7 @@ The CompositeRoleRule can be limited with the use of dimensions. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/restrict-assignment/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/restrict-assignment/index.md index 4d81d5fa2c..02e85c887e 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/restrict-assignment/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/how-tos/restrict-assignment/index.md @@ -6,7 +6,7 @@ or resource type. ## Create a Dimension The restriction of resource allocations is done from a filter. To do this, it is necessary to create -[ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which +[Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which EntityTypes the filters will apply to. For the different examples of restrictions, the filters will be based on the EntityType @@ -21,7 +21,7 @@ For the different examples of restrictions, the filters will be based on the Ent ## Create a Single Role To be able to filter with the dimensions previously created, it is necessary to first create -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) which will +[Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) which will serve as a restriction to the assignment of ResourceTypes for a given source. The example below creates a SingleRole for the EntityType Directory_User (source of the @@ -41,7 +41,7 @@ We will define a ``` - +**** ``` @@ -49,7 +49,7 @@ D1 represents the dimension whose ColumnMapping="1". ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/index.md index f8f22a495a..defbae9827 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/index.md @@ -10,4 +10,4 @@ Once the role model is established, role assignment can be performed, i.e. missi assignments can be detected in order to give users the appropriate access rights. Be sure to read first the documentation about the role model. See the -[ Role Model ](/docs/identitymanager/saas/integration-guide/role-model/index.md) topic for additional information. +[Role Model](/docs/identitymanager/saas/integration-guide/role-model/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/indirectpermissions/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/indirectpermissions/index.md index fa3203fc9f..b24aea88c1 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/indirectpermissions/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/indirectpermissions/index.md @@ -8,7 +8,7 @@ sidebar_position: 120 Identity Manager can compute, for a given identity, permissions that are obtained implicitly or indirectly through assignments. The -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) is responsible for this functionality. ## Overview @@ -22,7 +22,7 @@ transitive permission acquisitions. These permissions are called indirect. This extended when permissions in a managed system also give other permissions in an external system. Indirect Permissions are automatically computed by the -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) along with standard explicit or direct permissions during a full update. Indirect permissions will not be computed when processing a single user (for instance through "Repair Data (helpdesk)") or during simulations. @@ -30,23 +30,23 @@ during simulations. ## Configuration The computation of Indirect Permissions is based on the configured -[ Indirect Resource Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/indirectresourcerule/index.md). +[Indirect Resource Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/indirectresourcerule/index.md). These rules tell Identity Manager how to navigate the managed system and how to recover permissions that a user inherits implicitly. An Indirect Resource Rule is composed of the following properties: - `ResourceType`—The [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) to which the rule will be applied. -- `Property` — The [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +- `Property` — The [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to the user permission in the _target_ system. - `Correspondence` (optional)— The - [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that is used to + [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that is used to recover the correspondence of a resource from the _target_ system in the _external_ system. - `CorrespondenceMembershipProperty` (optional) — The - [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to + [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to the user permission in an _external_ system. - `Entitlement` (optional) — The - [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that can be + [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that can be configured if the permission in the _external_ system needs to be recovered from the discovered resources. For instance one can use this property to recover the entitlements of Sharepoint groups (while `CorrespondenceMembershipProperty` will be used to recover the group membership graph). @@ -58,16 +58,16 @@ If `Entitlement` is specified, then both `Correspondence` and `CorrespondenceMem also need to be specified. - `TargetEntityTypeProperty` — The - [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which identifies + [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which identifies each rule given a resource type. - `TargetEntityTypeReflexiveProperty` — The - [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to + [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to the user permission in the _target_ system. -- `IndirectResourceBinding`— The [ Bindings ](/docs/identitymanager/saas/integration-guide/toolkit/bindings/index.md) that is used to +- `IndirectResourceBinding`— The [Bindings](/docs/identitymanager/saas/integration-guide/toolkit/bindings/index.md) that is used to recover an assignment from a permission in either system (target or external). It is also used to define the correspondence between resources in both systems. - `IndirectResourceReflexiveProperty` (optional): The - [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to + [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) which corresponds to the user permission in an _external_ system. Correspondences between resources are necessarily one-sided: the Indirect Permissions computation is @@ -75,22 +75,22 @@ started in the managed system and if a correspondence is found, the computation the external system. Correspondences won't be checked in the external system. An example of an Indirect Resource Rule configuration is available in How-To: -[ Configure Indirect Permissions ](/docs/identitymanager/saas/integration-guide/role-assignment/configureindirectpermissions/index.md) in an Active +[Configure Indirect Permissions](/docs/identitymanager/saas/integration-guide/role-assignment/configureindirectpermissions/index.md) in an Active Directory. ## What Can Be an Indirect Permission? The -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) will create indirect Assigned Resource Navigations for the permissions that it finds, but if and only if these permissions are associated with a [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md). -If a [ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is associated +If a [Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is associated with one of these Resource Navigation Rules, then an indirect Single Role will also be recovered. Finally, if at least one indirect Single Role is used to recover a -[ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md), then the +[Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md), then the Composite Role will also be indirect. ## What Can Be Done with Indirect Permissions? diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/infer-single-roles/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/infer-single-roles/index.md index 4d7128f890..ae6b488f41 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/infer-single-roles/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/infer-single-roles/index.md @@ -9,14 +9,14 @@ sidebar_position: 70 This guide shows how to assign several single roles via the assignment of one composite role. It is possible to infer SingleRoles with -[ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md). The +[Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md). The SingleRole can only be inferred by the CompositeRole if both the CompositeRole and SingleRole rules are verified. ## Create a Dimension The restriction of resource allocations is done from a filter. To do this, it is necessary to create -a [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which +a [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which EntityTypes the filters will apply to. For the different examples of restrictions, the filters will be based on the EntityType @@ -34,7 +34,7 @@ A CompositeRole is created in the same way as a SingleRole. ``` - +**** ``` @@ -47,7 +47,7 @@ The CompositeRoleRule can be limited with the use of dimensions. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/nonconformingdetection/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/nonconformingdetection/index.md index d2cca7cca3..42091321d2 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/nonconformingdetection/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/nonconformingdetection/index.md @@ -7,7 +7,7 @@ sidebar_position: 110 # Non-Conforming Assignments The -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) is able to detect from synchronized data a list of non-conforming or missing resources/entitlements for every identity. That is one of Identity Manager's most powerful governance features, provided you have a full role model configured. @@ -15,13 +15,13 @@ you have a full role model configured. ## Build the conforming assignment list The **first step** is building the conforming assignment list, as explained in the -[ Conforming Assignments ](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md). This list (list `A`) +[Conforming Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md). This list (list `A`) includes the assignments that perfectly comply with the role model/assignment policy. ## Build the existing assignment list The **second step** is building the existing assignment list (list `B`), as explained in -the[ Existing Assignments ](/docs/identitymanager/saas/integration-guide/role-assignment/existingassignmentsdeduction/index.md) every synced resource can be +the[Existing Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/existingassignmentsdeduction/index.md) every synced resource can be translated into a role assignment following the assignment rules "in reverse". ## Compare both lists diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/restrict-assignment/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/restrict-assignment/index.md index 02d560e5b7..e1c1cf154a 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/restrict-assignment/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/restrict-assignment/index.md @@ -12,7 +12,7 @@ or resource type. ## Create a Dimension The restriction of resource allocations is done from a filter. To do this, it is necessary to create -a [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which +a [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) to define which EntityTypes the filters will apply to. For the different examples of restrictions, the filters will be based on the EntityType @@ -27,7 +27,7 @@ For the different examples of restrictions, the filters will be based on the Ent ## Create a Single Role To be able to filter with the dimensions previously created, it is necessary to first create -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) which will +[Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) which will serve as a restriction to the assignment of ResourceTypes for a given source. The example below creates a SingleRole for the EntityType Directory_User (source of the @@ -47,7 +47,7 @@ We will define a ``` - +**** ``` @@ -55,7 +55,7 @@ D1 represents the dimension whose ColumnMapping="1". ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/role-assignment/role-model-rules/index.md b/docs/identitymanager/saas/integration-guide/role-assignment/role-model-rules/index.md index 0dda34b1a7..3f057fb81a 100644 --- a/docs/identitymanager/saas/integration-guide/role-assignment/role-model-rules/index.md +++ b/docs/identitymanager/saas/integration-guide/role-assignment/role-model-rules/index.md @@ -13,7 +13,7 @@ and risks. It contains the role model and risks definition. The Introduction Guide introduced the role model and how it influences assigning entitlements to identities. Let's sum up the key principles here. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. 1. Identities are resources. @@ -22,13 +22,13 @@ topic for additional information. assignment policy to grant entitlements to identities, i.e. granting a role entails granting entitlements. 4. The role model is first a catalog of available roles - ([ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and - [ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md)), + ([Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and + [Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md)), identified by meaningful names aimed at non-technical end-users. These roles represent status of trust and privileges, to be assigned to identities, manually or automatically. 5. The role model is also a set of rules aiming at assign automatically roles to identities, based on relevant criteria, namely - [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md). + [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md). 6. The role model classifies resources by security concerns thanks to resource types. 7. The role model contains correlation rules identifying ownership of target resource by an identity. @@ -36,7 +36,7 @@ topic for additional information. values should be computed from source resource values. Resource types, single roles and composite roles can be grouped into -[ Category ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md). They are used in the +[Category](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md). They are used in the UI to organize the Roles catalog display. Categories are organized in a hierarchical tree structure. ### Policy @@ -62,13 +62,13 @@ knowledgeable member of the target organization, to define key criteria on which of entitlements decisions. Those key criteria are called dimensions. The integration team defines -[ Context Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) and -[ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md)in the +[Context Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) and +[Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md)in the applicative configuration that assigns, for every identity, a context as a set of dimension-value pair. The details of how contexts are generated can be found in -[ Generate Contexts ](/docs/identitymanager/saas/integration-guide/role-assignment/generate-contexts/index.md). +[Generate Contexts](/docs/identitymanager/saas/integration-guide/role-assignment/generate-contexts/index.md). Every dimension is associated with a finite set of possible values. That means there is a finite set of possible context. Hence, typical contexts within which an identity operates are modeled. @@ -116,7 +116,7 @@ The following gives a few ideas about how a to approach the writing of a role mo The first iteration of building of the organization reference model starts to reveal the archetypal responsibilities and positions of the members of the organization. A -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is defined for +[Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is defined for every fine-grained organization-level responsibility or position. ##### Example @@ -147,7 +147,7 @@ The project manager needs access to the `data0` and `data1` servers with client ### 2. Identify navigation rules and ownership -For every [ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) assigned +For every [Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) assigned to an identity, fine-grained entitlements need to be granted. Those are the resource values in a managed system. @@ -159,7 +159,7 @@ They are materialized by: - Provisioning rules, such as Resource Type rules that decide what resources should be found in the managed systems; and navigation rules or scalar rules, that identify actual values to be fulfilled from the identity to which the single role is assigned; -- [ Resource Correlation Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +- [Resource Correlation Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) that identify for an identity, the target resources to fulfill; - Resource type that organize resources and describe a source/target (or owner/resource) relationship. @@ -187,18 +187,18 @@ account, used to login to work, must be known. To modelize that need within the role model, every identity with `Internet Access` single role is associated with an Active Directory account. We can find the Active Directory for an identity by comparing the identity email with the Active Directory entry e-mail. That's an example of -[ Resource Correlation Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +[Resource Correlation Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) that define the ownership of an Active Directory entry resource by an identity resource. ### 3. Write assignment rules [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) describe criteria for which a -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is assigned to a +[Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) is assigned to a resource. The main criterion is a dimension value. For a given resource, the single role is assigned if the resource's context matches the given dimension value. The second criterion is the assignment of a specific -[ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) (see +[Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) (see further). A navigation rule describes a fine-grained entitlement in the form of resource association such as a @@ -224,8 +224,8 @@ Active Directory entry resource should be set to the AD group named `Internet Ac ### 4. Use Composite Roles To Organize Single Roles (optional) -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) can be packaged -into [ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md). +[Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) can be packaged +into [Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md). Assigning a composite role to an identity immediately assigns the packaged single role to that identity. Single roles assigned this way are said to be inferred. @@ -256,7 +256,7 @@ This series of steps is actually a very simplified version of the ![Cascading From Dimensions To Roles To Provisioning Orders](/img/product_docs/identitymanager/saas/integration-guide/role-model/role-model-rules/enforce-assignment-policy-summary.webp) ---- +**---** ## Evaluate Policy diff --git a/docs/identitymanager/saas/integration-guide/role-mining/index.md b/docs/identitymanager/saas/integration-guide/role-mining/index.md index 4abf808c12..4e489b5f1f 100644 --- a/docs/identitymanager/saas/integration-guide/role-mining/index.md +++ b/docs/identitymanager/saas/integration-guide/role-mining/index.md @@ -8,13 +8,13 @@ sidebar_position: 100 Role mining aims to reduce the cost of entitlement management by automating entitlement assignments, via the analysis of existing assignments. See the -[ Automate Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md) topic for +[Automate Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md) topic for additional information. ## Overview After the role catalog is established, the -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) is able to assign single roles to users according to their attributes which are used as assignment criteria. @@ -34,7 +34,7 @@ assign single roles to certain users matching given criteria. Role mining is a Machine Learning process. It is a statistic tool used to emphasize the dimensions that constitute the key criteria for existing role assignments. See the -[ Conforming Assignments ](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md)topic for +[Conforming Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md)topic for additional information. It detects the most probable links between identities dimensions and their roles in order to suggest the appropriate entitlement assignment rules. @@ -45,14 +45,14 @@ roles in order to suggest the appropriate entitlement assignment rules. Role mining being a statistic tool based on existing entitlement assignments, it appears useless if the role model contains fewer than 2,000 role assignments. Then, start by reinforcing the -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md). +[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md). ### Technical Principles Role mining works through -[ Mining Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) that Identity Manager +[Mining Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) that Identity Manager applies with the -[ Get Role Mining Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md). +[Get Role Mining Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md). ### Entitlement differentiation with rule types @@ -123,13 +123,13 @@ remain unchanged: ## Perform Role Mining See the -[ Perform Role Mining ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) for +[Perform Role Mining](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) for additional information. ### Simulation Be aware that you can configure the -[ Get Role Mining Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) +[Get Role Mining Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) to generate role assignment rules either directly or in a [Simulation](/docs/identitymanager/saas/integration-guide/simulation/index.md). Simulating the results of role mining allows a knowledgeable user to analyze the impact of role diff --git a/docs/identitymanager/saas/integration-guide/role-model/index.md b/docs/identitymanager/saas/integration-guide/role-model/index.md index 9495076f2c..b257235446 100644 --- a/docs/identitymanager/saas/integration-guide/role-model/index.md +++ b/docs/identitymanager/saas/integration-guide/role-model/index.md @@ -11,7 +11,7 @@ It is composed mainly of roles, representing entitlements, and rules, enforcing assignment policies. Make sure to read the introduction on entitlement management first. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic +[Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. ## Roles @@ -31,7 +31,7 @@ In this way, the role model can be seen as a ## Assignment Rules An -[ Automate Role Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) +[Automate Role Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) gives an entitlement to a user, usually based on (at least) one criterion from the user's data. Assignment rules are: diff --git a/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md b/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md index 4df0c8e56b..e7537dfb29 100644 --- a/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md +++ b/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md @@ -6,7 +6,7 @@ and risks. It contains the role model and risks definition. ## The Role Model The Introduction Guide introduced the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) and +[Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) and how it influences assigning entitlements to identities. Let's sum up the key principles here. 1. Identities are resources. @@ -15,13 +15,13 @@ how it influences assigning entitlements to identities. Let's sum up the key pri assignment policy to grant entitlements to identities, i.e. granting a role entails granting entitlements. 4. The role model is first a catalog of available roles - ([ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and - [ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md)), + ([Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and + [Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md)), identified by meaningful names aimed at non-technical end-users. These roles represent status of trust and privileges, to be assigned to identities, manually or automatically. 5. The role model is also a set of rules aiming at assign automatically roles to identities, based on relevant criteria, namely - [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md). + [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md). 6. The role model classifies resources by security concerns thanks to resource types. 7. The role model contains correlation rules identifying ownership of target resource by an identity. @@ -29,7 +29,7 @@ how it influences assigning entitlements to identities. Let's sum up the key pri values should be computed from source resource values. Resource types, single roles and composite roles can be grouped into -[ Category ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md). They are used in the +[Category](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md). They are used in the UI to organize the Roles catalog display. Categories are organized in a hierarchical tree structure. ### Policy @@ -179,7 +179,7 @@ account, used to login to work, must be known. To modelize that need within the role model, every identity with `Internet Access` single role is associated with an Active Directory account. We can find the Active Directory for an identity by comparing the identity email with the Active Directory entry e-mail. That's an example of -[ Resource Correlation Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +[Resource Correlation Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) that define the ownership of an Active Directory entry resource by an identity resource. ### 3. Write assignment rules @@ -246,7 +246,7 @@ This series of steps is actually a very simplified version of the ![Cascading From Dimensions To Roles To Provisioning Orders](/img/product_docs/identitymanager/saas/integration-guide/role-model/role-model-rules/enforce-assignment-policy-summary.webp) ---- +**---** ## Evaluate Policy diff --git a/docs/identitymanager/saas/integration-guide/simulation/index.md b/docs/identitymanager/saas/integration-guide/simulation/index.md index 5f4859acbd..dc159eb9d9 100644 --- a/docs/identitymanager/saas/integration-guide/simulation/index.md +++ b/docs/identitymanager/saas/integration-guide/simulation/index.md @@ -15,18 +15,18 @@ Identity Manager's simulations gather roles and rules which are to be created, m without being inserted in the actual role model straight away. More specifically, a simulation can involve: -- [ Resource Correlation Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +- [Resource Correlation Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) and - [ Resource Classification Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md); + [Resource Classification Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md); - Scalar rules and navigation rules; - [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) rules; -- [ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and - [ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md); +- [Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and + [Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md); - [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md)and [Composite Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md). A simulation can also be created by the role mining tool for the automation of role assignments. See -the [ Perform Role Mining ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) +the [Perform Role Mining](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) topic for additional information. Through simulation, integrators can: @@ -44,5 +44,5 @@ action (creation/modification/deletion) on the role model. ## Perform a Simulation -See the [ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) for additional +See the [Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) for additional information. diff --git a/docs/identitymanager/saas/integration-guide/synchronization/index.md b/docs/identitymanager/saas/integration-guide/synchronization/index.md index 7cfa3f68c4..98a85e4910 100644 --- a/docs/identitymanager/saas/integration-guide/synchronization/index.md +++ b/docs/identitymanager/saas/integration-guide/synchronization/index.md @@ -8,10 +8,10 @@ sidebar_position: 60 The documentation is not yet available for this page and will be completed in the near future. -See more information about [ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md). +See more information about [Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md). -See how to [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md)for a given managed +See how to [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md)for a given managed system. See how to anticipate changes due to synchronization thanks to -[ Thresholds ](/docs/identitymanager/saas/integration-guide/synchronization/synchro-thresholds/index.md). +[Thresholds](/docs/identitymanager/saas/integration-guide/synchronization/synchro-thresholds/index.md). diff --git a/docs/identitymanager/saas/integration-guide/synchronization/synchro-thresholds/index.md b/docs/identitymanager/saas/integration-guide/synchronization/synchro-thresholds/index.md index 00b357a316..268de0f456 100644 --- a/docs/identitymanager/saas/integration-guide/synchronization/synchro-thresholds/index.md +++ b/docs/identitymanager/saas/integration-guide/synchronization/synchro-thresholds/index.md @@ -17,7 +17,7 @@ Thresholds can be deactivated via the value `0`, though they should not all be. "guarded" by at least one threshold. Once the changes have been reviewed, the blocked job can be resumed (or not). See the -[ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topic for additional +[Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topic for additional information. As long as a synchronization job is blocked for a connector, the export, prepare-synchronization and @@ -29,7 +29,7 @@ launched in complete mode. Synchronization thresholds can be configured in XML files via: -- [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) to +- [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) to count the number of resources impacted by synchronization inside a given entity type. They are configured with: @@ -39,7 +39,7 @@ Synchronization thresholds can be configured in XML files via: | `MaximumInsertedLines` | `MaxPercentageInsertedLines` | | `MaximumUpdatedLines` | `MaxPercentageUpdatedLines` | -- [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +- [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) to count the number of navigation properties impacted by synchronization inside a given entity type. They are configured with: @@ -48,7 +48,7 @@ Synchronization thresholds can be configured in XML files via: | `MaximumLinkDeletedLines` | `MaxLinkPercentageDeletedLines` | | `MaximumLinkInsertedLines` | `MaxLinkPercentageInsertedLines` | -- [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) to count the number +- [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) to count the number of resources and/or navigation properties impacted by synchronization inside all entity types of a given connector. They are configured with: @@ -76,5 +76,5 @@ If the entity type's threshold values are higher than the connector's, then Iden synchronization as soon as the number of modifications exceeds the connector's threshold values (100 resources or 1000 navigation properties). -Distinct [ Thresholds ](/docs/identitymanager/saas/integration-guide/provisioning/prov-thresholds/index.md) are configurable for +Distinct [Thresholds](/docs/identitymanager/saas/integration-guide/provisioning/prov-thresholds/index.md) are configurable for provisioning. diff --git a/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md b/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md index 45a7e528b3..906da9ec64 100644 --- a/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md +++ b/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md @@ -16,14 +16,14 @@ Performing a _Sync Up_ allows the user to: the assignment computation; - check that previously edited provisioning orders have been accurately executed; - ascertains differences between the real managed system state and the - [ Assignment Policy ](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) theoretical state. + [Assignment Policy](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md) theoretical state. ## Overview ### A scheduled sync up per managed system _Sync Up_ is performed regularly, at least every day, as a set of -[ Tasks & Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/index.md). +[Tasks & Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/index.md). A _Sync Up_ is planned for every managed system that interact with Identity Manager. @@ -116,12 +116,12 @@ writing a custom _Export_ process. If the managed system has built-in export capabilities, Identity Manager can simply rely on exports scheduled by the source managed system. Regularly, the managed system generates reports, in whatever format. A custom task, such as a -[ Invoke Expression Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md), +[Invoke Expression Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md), can then be used to retrieve the generated exports, adapt them to the _CSV source files_ format expected by Identity Manager and copy them to the [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) export directory. The whole can be scheduled and orchestrated by a -[ Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md). +[Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md). **For example**, a common scenario is to configure an HR management system to perform daily extracts of its data to CSV files for the _Agent_ to find. This usually can be set up without any Identity @@ -130,11 +130,11 @@ Manager's task, just by using the managed system and the organization's network If the managed system does not provide built-in export features but provides an API or an exposed database, it's possible to write a custom _export_ process based on that API or direct requests to the managed system's database. This process can then be used as an _export task_ wrapped in a -[ Invoke Expression Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) +[Invoke Expression Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) or an -[ Invoke Sql Command Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md). +[Invoke Sql Command Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md). See the -[ Invoke Expression Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) +[Invoke Expression Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) topic for additional information. Any Windows process that can be called from a PowerShell script and generate a CSV file can serve as an export process. @@ -195,7 +195,7 @@ work together to find the best compromise between reliability and execution time The following example demonstrates the native Active Directory export process. Exporting data from an Active Directory can be achieved by using the -[ Export Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) task within a +[Export Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) task within a Job. The Tasks requests from the source Active Directory all entries that match a configured filter. It @@ -242,19 +242,11 @@ CN=SG_APP_AG002,DC=internal;CN=U51630,DC=internal The aim of the _Sync Up_ is to load managed systems' data into the resource repository. As such, it requires Identity Manager to translate data from the managed system format (or, more accurately, the _export task_'s output format) into the resource repository format, that is, the [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md). -The translation rules are described in the applicative configuration by [ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and [ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) elements. +The translation rules are described in the applicative configuration by [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) elements. Entity Type Mapping elements map the resources _CSV source files_ columns to [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md) properties. Each mapping also identifies one column as the _primary key_ for this Entity Type. The _primary key_ is used to uniquely identify a resource in the _Sync Up_ process. It's mandatory to be able to perform _incremental__Sync Up_, as it allows to identify a resource on which an _update_ or a _delete_ has to be performed. -[ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) elements translate the _CSV source files_ into [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md). They describe rules identifying associations between resources loaded thanks to the [](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)[ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md). +[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) elements translate the _CSV source files_ into [Entity Model](/docs/identitymanager/saas/integration-guide/entity-model/index.md). They describe rules identifying associations between resources loaded thanks to the [](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md). ## Prepare Synchro @@ -268,22 +260,14 @@ It's performed on the _Agent_-side. The following actions are performed on the _CSV source files._ -1. Removing columns that are not used in [ - Entity Type Mapping - ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or [ - Entity Association Mapping - ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +1. Removing columns that are not used in [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) 2. Entries that have a null primary key 3. Removing duplicates 4. Sorting entries according to the primary key The result of the _Prepare-Synchronization_ is stored in the [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings/index.md) export directory as three files: -For every entity type of the relevant _Connector_ involved in an[ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or an[ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) `````` , a ```.sorted.csv``` file is generated, containing the final, cleaned, sorted result. +For every entity type of the relevant _Connector_ involved in an[Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or an[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) `````` , a ```.sorted.csv``` file is generated, containing the final, cleaned, sorted result. Duplicates are kept in a separate ```.duplicates.csv``` file. @@ -327,9 +311,7 @@ Of course, any notification of a _complete__Prepare-Synchronization_ would cance ### Prepare synchronization tasks -- [ - Prepare Synchronization Task - ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) is the standard _prepare-synchronization_ task. +- [Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) is the standard _prepare-synchronization_ task. - PrepareSynchronization Change Task is used to process data source files containing changes. - PrepareSynchronization ActiveDirectory Task is specialized for Active Directory. This task handles Active Directory _incremental_ prepare-synchronization by using Active Directory _cookies_. @@ -345,11 +327,7 @@ _Synchronization_ is the last step. It loads data into the resource repository f ### Translating -Before writing to the Identity Manager's database, the _Server_ uses [ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and[ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) to translate _CSV source files_ into _Entity Model compliant_ resources and resolve association links. +Before writing to the Identity Manager's database, the _Server_ uses [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) to translate _CSV source files_ into _Entity Model compliant_ resources and resolve association links. ### Tables @@ -364,9 +342,7 @@ The _Synchronization_ step involves four tables from Identity Manager's database _Complete__synchronization_ starts with a ```.sorted.csv``` file that contains cleaned data, as in whole data, not mere changes. -_Complete synchronization_ replaces entirely the database resources. That means that all resource, for that [ -Connector -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md), that are in the database but not in the _CSV source files_ will be deleted. That means no change made to the database from outside of the connectors or the UI are persistent. +_Complete synchronization_ replaces entirely the database resources. That means that all resource, for that [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md), that are in the database but not in the _CSV source files_ will be deleted. That means no change made to the database from outside of the connectors or the UI are persistent. _Complete synchronization_ does not blindly insert data into Identity Manager database. Its aim is to update Identity Manager database to match the ```.sorted``` files received. @@ -396,9 +372,7 @@ Then, changes according to the _command_ column are applied to UR_Resources and ### Synchronization tasks -- [ - Synchronize Task - ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) is the standard _synchronization_ task. +- [Synchronize Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) is the standard _synchronization_ task. - SynchronizeChanges Task is used to handle changes together with PrepareSynchronization Change Task. - SynchronizeActive Directory Task is specialized for Active Directory. To be used with PrepareSynchronizationActiveDirectory Task. @@ -428,13 +402,7 @@ _Incremental_ mode also offers another optimization that will be described in th A introduced earlier, to mitigate the risk of data loss in the case of abnormal data source files, the _synchronization Job_ is locked if the number of changes to apply goes over a specific threshold. -Thresholds can be configured by the user in the applicative configuration and be specific to a [ -Connector -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md), an [ -Entity Type Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and/or an[ -Entity Association Mapping -](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). They are expressed as number of lines (ex: ```MaximumInsertedLines```) or as a rate (ex: ```MaxPercentageDeletedLines```). +Thresholds can be configured by the user in the applicative configuration and be specific to a [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md), an [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and/or an[Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). They are expressed as number of lines (ex: ```MaximumInsertedLines```) or as a rate (ex: ```MaxPercentageDeletedLines```). A synchronization task locked by a threshold can be unlocked by executing the Synchronization Validation task. @@ -442,9 +410,7 @@ Thresholds are ignored in _initial_ mode. The task's argument ```-force``` can be used to ignore thresholds. ---- +**---** -Next, a word about the [ -Assignment Policy -](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md). +Next, a word about the [Assignment Policy](/docs/identitymanager/saas/integration-guide/role-model/role-model-rules/index.md). ```` diff --git a/docs/identitymanager/saas/integration-guide/tasks-jobs/build-efficient-jobs/index.md b/docs/identitymanager/saas/integration-guide/tasks-jobs/build-efficient-jobs/index.md index 3858c138e6..f90e46fbd6 100644 --- a/docs/identitymanager/saas/integration-guide/tasks-jobs/build-efficient-jobs/index.md +++ b/docs/identitymanager/saas/integration-guide/tasks-jobs/build-efficient-jobs/index.md @@ -8,8 +8,11 @@ sidebar_position: 30 This topic shows how to build efficient jobs by minimizing their costs. -**NOTE:** The rules below must be followed when creating a new job, otherwise the frequent launch of +:::note +The rules below must be followed when creating a new job, otherwise the frequent launch of this scheduled job will trigger errors in a SaaS environment. +::: + ### Prerequisites @@ -56,7 +59,7 @@ additional information. ## Rule 2: Compute Only What's Necessary -Execute the tasks on the right entity types +**Execute the tasks on the right entity types** Many tasks can be executed either on all entity types, or on a given list of entity types. @@ -76,7 +79,7 @@ script in the command line.                      ``` -Launch incremental tasks rather than complete +**Launch incremental tasks rather than complete** When a task is supposed to be executed on changes only, then there is no use executing the task in complete mode. diff --git a/docs/identitymanager/saas/integration-guide/tasks-jobs/configure-incremental-job/index.md b/docs/identitymanager/saas/integration-guide/tasks-jobs/configure-incremental-job/index.md index 46dda12cf7..4719b8fb2c 100644 --- a/docs/identitymanager/saas/integration-guide/tasks-jobs/configure-incremental-job/index.md +++ b/docs/identitymanager/saas/integration-guide/tasks-jobs/configure-incremental-job/index.md @@ -23,7 +23,7 @@ See the [Set Up Incremental Synchronization](/docs/identitymanager/saas/integrat Configure a job to be incremental by proceeding as follows: 1. Configure the synchronization task - ([ Synchronize Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md)) + ([Synchronize Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md)) with `DoNotDeleteChanges` set to `true`. This way, Identity Manager keeps the list of all changed resources. @@ -38,7 +38,7 @@ Configure a job to be incremental by proceeding as follows: > ``` 2. Tag all changed resources by running - [ Set Recently Modified Flag Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) + [Set Recently Modified Flag Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) after SynchronizeTask. > For example, following the synchronization task for the Active Directory: diff --git a/docs/identitymanager/saas/integration-guide/tasks-jobs/fulfillldap/index.md b/docs/identitymanager/saas/integration-guide/tasks-jobs/fulfillldap/index.md index fb518fd2db..dbc26e2d8a 100644 --- a/docs/identitymanager/saas/integration-guide/tasks-jobs/fulfillldap/index.md +++ b/docs/identitymanager/saas/integration-guide/tasks-jobs/fulfillldap/index.md @@ -28,7 +28,7 @@ This configuration is to use the fill for the LDAP and configure the Reset Passw ## Add connection information to AD Connect -The [ LDAP ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/index.md) connection information define +The [LDAP](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/ldap/index.md) connection information define this section to add all information to use the AD Fulfillment. ``` @@ -38,12 +38,10 @@ appsettings.agent.json "Connections": { ... "ADFulfillment": { - "Servers": [ - { + "Servers": [{ "Server": "paris.contoso.com", "BaseDN": "DC=paris,DC=com" - } - ], + }], "AuthType": "Basic", "Login": "CN=exampleCn,DC=exampleDc1,DC=exampleDc2", "Password": "Password", @@ -54,7 +52,7 @@ appsettings.agent.json ``` After defining this settings, encrypt this JSON file with -[ Usercube-Protect-X509JsonFile ](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md). +[Usercube-Protect-X509JsonFile](/docs/identitymanager/saas/integration-guide/executables/references/protect-x509jsonfile/index.md). ## Configure The FulfillTask diff --git a/docs/identitymanager/saas/integration-guide/tasks-jobs/index.md b/docs/identitymanager/saas/integration-guide/tasks-jobs/index.md index 7951459d8d..fd3dea2a5a 100644 --- a/docs/identitymanager/saas/integration-guide/tasks-jobs/index.md +++ b/docs/identitymanager/saas/integration-guide/tasks-jobs/index.md @@ -11,9 +11,9 @@ actions, and jobs to orchestrate the tasks together. See the [Tasks](/docs/identitymanager/saas/integration-guide/tasks-jobs/tasks/index.md) topic for additional information. -See the [ Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) topic for additional information. +See the [Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) topic for additional information. -See the [ Tasks ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) topic for additional +See the [Tasks](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) topic for additional information. Make sure to read how to [Build Efficient Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/build-efficient-jobs/index.md). @@ -31,7 +31,7 @@ each one materialized into a building block of your Identity Manager solution. E serves a specific and well delimited IGA function. These building blocks are called [Tasks](/docs/identitymanager/saas/integration-guide/tasks-jobs/tasks/index.md), and can be easily organized together and -scheduled in [ Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md). +scheduled in [Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md). This approach makes for a perfectly customizable product. It also tremendously helps our users to ease into Identity Manager by allowing them to understand it piece by piece. diff --git a/docs/identitymanager/saas/integration-guide/tasks-jobs/jobdaily/index.md b/docs/identitymanager/saas/integration-guide/tasks-jobs/jobdaily/index.md index c80a939fe7..c3820a440e 100644 --- a/docs/identitymanager/saas/integration-guide/tasks-jobs/jobdaily/index.md +++ b/docs/identitymanager/saas/integration-guide/tasks-jobs/jobdaily/index.md @@ -25,14 +25,14 @@ In the following example the Synchronization job for the Connector "AD" will be ``` - +**** ``` ### 2. Create the Export task If a pre-treatment is needed, you must create an -[ Export Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md). Otherwise +[Export Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md). Otherwise it is unnecessary. Choose the Export task corresponding to the connector. If the Export uses the incremental mode, set IgnoreCookieFile to true. @@ -51,7 +51,7 @@ Example : Create the Prepare Synchronization Task with the connector. Set `SynchronizationMode="Complete"` , except for -[ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +[Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) which doesn't need this parameter. If it is a Synchronization Changes, or ActiveDirectory, you must precise it with the `Type` attribute. @@ -67,7 +67,7 @@ Example : ``` See the -[ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +[Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) for additional information on the PrepareSynchronization task configuration. ### 4. Create the Synchronization task @@ -87,10 +87,10 @@ Example : ``` The Synchronization Validation Task is not needed , since it is managed by the -[ Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) state machine. +[Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) state machine. For more information on Synchronization task configuration : -[ Synchronize Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) +[Synchronize Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) ### 5. Create the UpdateEntityPropertyExpressions task @@ -117,12 +117,12 @@ Example : ``` - +** ** ``` For more information about the ComputeCorrelationKey task configuration: -[ Compute Correlation Keys Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) +[Compute Correlation Keys Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) ### 7. Create the ComputeRoleModel task @@ -141,7 +141,7 @@ The TaskEntityType elements correspond to the sourceEntityTypes in the TargetEntityTypes that are part of the connector to provide. For more information on Compute Role Model task configuration: -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) ### 8. Create the GenerateProvisioningOrder task @@ -182,7 +182,7 @@ fulfillment must be not launch in the job. ### 10. Create the UpdateClassification task Create the Update Classification Task. The resource Classification is needed if one or more -[ Resource Classification Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) +[Resource Classification Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) are configured for the connector. ``` @@ -192,7 +192,7 @@ are configured for the connector. ``` For more information on Update Classification Task : -[ Update Classification Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) +[Update Classification Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) ### 11. Create the SetInternalUserProfiles task @@ -211,7 +211,7 @@ becomes useless. ``` For more information on SetInternalUserProfiles Task configuration : -[ Set Internal User Profiles Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +[Set Internal User Profiles Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) ### 12. Create the all-tasks job @@ -226,4 +226,4 @@ Once the tasks created. You must create the job to launch all tasks. The job can be scheduled with the `CrontabExpression` attribute For more information on job configuration : -[ Job ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) +[Job](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) diff --git a/docs/identitymanager/saas/integration-guide/tasks-jobs/jobfast/index.md b/docs/identitymanager/saas/integration-guide/tasks-jobs/jobfast/index.md index 02372defea..25524be843 100644 --- a/docs/identitymanager/saas/integration-guide/tasks-jobs/jobfast/index.md +++ b/docs/identitymanager/saas/integration-guide/tasks-jobs/jobfast/index.md @@ -23,14 +23,14 @@ In the following example the Synchronization job for the Connector "AD" will be ``` - +**** ``` ### 2. Create the Export task If a pre-treatment is needed, you must create an -[ Export Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md). Otherwise +[Export Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md). Otherwise it is unnecessary. Choose the Export task corresponding to the connector. All Export task have the ContinueOnError property. It is advisable to begin with the value of True @@ -48,7 +48,7 @@ Example : Create the PrepareSynchronizationTask with the connector. Set `SynchronizationMode="Incremental"` , except for -[ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +[Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) which doesn't need this parameter and LDAP connector who need complete mode. If the job contain Exports for the same connector add the a link between the Prepare Synchronization @@ -63,18 +63,18 @@ Example : ``` For more information on PrepareSynchronization task configuration : -[ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +[Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) ### 4. Create the Synchronization task Create the SynchronizeTask corresponding to the Prepare Synchronization Task. If the Prepare Synchronization Task is a -[ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md), +[Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md), then choose the -[ Synchronize Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md), +[Synchronize Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md), else if it is Prepare Synchronization Active Directory Task choose Synchronization ADDir Sync, else choose -[ Synchronize Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md). +[Synchronize Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md). In Incremental mode, you must set the attribute `DoNotDeleteChanges="true"` @@ -91,10 +91,10 @@ Example : ``` The Synchronization Validation Task is not needed , since it is managed by the -[ Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md). +[Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md). For more information on Synchronization task configuration : -[ Synchronize Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) +[Synchronize Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) ### 5. Create the SetRecentlyModifiedFlag task @@ -110,7 +110,7 @@ in the database. ``` For more information on SetRecentlyModifiedFlag Task : -[ Set Recently Modified Flag Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) +[Set Recently Modified Flag Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) ### 6. Create the UpdateEntityPropertyExpressions task @@ -129,7 +129,7 @@ Example : ``` For more information on UpdateEntityPropertyExpressions Task configuration : -[ Update Entity Property Expressions Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) +[Update Entity Property Expressions Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) ### 7. Create the ComputeCorrelationKey task @@ -148,7 +148,7 @@ Example : ``` For more information about the Compute Role Model correlation keys task configuration: -[ Compute Correlation Keys Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) +[Compute Correlation Keys Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) ### 8. Create the ComputeRoleModel task @@ -171,7 +171,7 @@ The TaskEntityType elements correspond to the sourceEntityTypes in the TargetEntityTypes that are part of the connector to provide. For more information on Compute Role Model task configuration: -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) ### 9. Create the GenerateProvisioningOrder task @@ -210,7 +210,7 @@ fulfillment must be not launch in the job. ### 11. Create the UpdateClassification task Create the Update Classification Task. The resource Classification is needed if one or more -[ Resource Classification Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) +[Resource Classification Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) are configured for the connector. Set the attribute Dirty : `Dirty="true"`. Since dirty mode is enabled, a dependency is only needed to run the expression computation if the @@ -223,7 +223,7 @@ Task SetRecentlyModifiedFlag has been started. ``` For more information on Update Classification Task : -[ Update Classification Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) +[Update Classification Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) ### 12. Create the SetInternalUserProfiles task @@ -242,7 +242,7 @@ becomes useless. ``` For more information on SetInternalUserProfiles Task configuration : -[ Set Internal User Profiles Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +[Set Internal User Profiles Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) ### 13. Create the all-tasks job @@ -258,4 +258,4 @@ Agent="Local"> For example, Identity Manager's tasks include synchronization, computation of entitlement > assignments, or provisioning of varied managed systems. See the list of all available -> [ Tasks ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md). +> [Tasks](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md). ## Data Consistency diff --git a/docs/identitymanager/saas/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md b/docs/identitymanager/saas/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md index 91d27a9269..db4f6828c8 100644 --- a/docs/identitymanager/saas/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md +++ b/docs/identitymanager/saas/integration-guide/tasks-jobs/troubleshoot-connector-jobs/index.md @@ -27,7 +27,7 @@ In order to spot what was exported or not for the next incremental export, cooki in `Temp/ExportCookies`. See the -[ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) topic for additional information. ### Prepare synchronization @@ -42,7 +42,7 @@ is prepared for synchronization. The output is stored in `Work/Collect`, and sent to the server to queue in `Work/Synchronization`. See the -[ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) topic for additional information on how to prepare the synchronization executable `Usercube-Prepare-Synchronization`. @@ -64,7 +64,7 @@ The output is stored in `UR_ResourceChanges`. #### Synchronization: finalize When at least one synchronization -[ Thresholds ](/docs/identitymanager/saas/integration-guide/synchronization/synchro-thresholds/index.md) is exceeded, the change list +[Thresholds](/docs/identitymanager/saas/integration-guide/synchronization/synchro-thresholds/index.md) is exceeded, the change list can be seen in the **Synchronization Changes** tab, accessible from the job progress screen. When the synchronization thresholds are not exceeded, or they are bypassed, the potential diff --git a/docs/identitymanager/saas/integration-guide/toolkit/adjust-scaffoldings/index.md b/docs/identitymanager/saas/integration-guide/toolkit/adjust-scaffoldings/index.md index aa3cfc0c72..92036a0a17 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/adjust-scaffoldings/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/adjust-scaffoldings/index.md @@ -31,7 +31,7 @@ and as a last resort, when no scaffolding meets the needs, writing the configura Adjust XML configuration generated by a scaffolding by proceeding as follows: 1. When working via the UI, start by exporting UI configuration elements. See the - [ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) + [Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) topic for additional information. 2. Write an XML element whose identifier is the same as the one generated by the scaffolding. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/deploy-configuration/index.md b/docs/identitymanager/saas/integration-guide/toolkit/deploy-configuration/index.md index 45edddcf9e..270a044668 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/deploy-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/deploy-configuration/index.md @@ -36,7 +36,7 @@ executable and declaring at least: Deploy a SaaS XML configuration by proceeding as follows: 1. Log in for configuration deployment/export with the - [ Usercube-Login ](/docs/identitymanager/saas/integration-guide/executables/references/login/index.md) executable. + [Usercube-Login](/docs/identitymanager/saas/integration-guide/executables/references/login/index.md) executable. Identity Manager provides an OpenID Connect (OIDC) authentication process in order to ensure strong security, visibility and ease of use. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/export-configuration/index.md b/docs/identitymanager/saas/integration-guide/toolkit/export-configuration/index.md index faf7b7a662..2939dac5ab 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/export-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/export-configuration/index.md @@ -16,13 +16,13 @@ The process for configuration export varies according to the situation: - when working SaaS, the configuration must be exported remotely; See the -[ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) topic for additional information. ## Export the Configuration Locally Export your configuration by using the -[ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) executable and declaring at least: - the directory where the configuration is to be exported to; @@ -39,7 +39,7 @@ executable and declaring at least: Export a SaaS configuration by proceeding as follows: 1. Log in for configuration deployment/export with the - [ Usercube-Login ](/docs/identitymanager/saas/integration-guide/executables/references/login/index.md) executable. + [Usercube-Login](/docs/identitymanager/saas/integration-guide/executables/references/login/index.md) executable. Identity Manager provides an OpenID Connect (OIDC) authentication process in order to ensure strong security, visibility and ease of use. @@ -98,7 +98,7 @@ Export a SaaS configuration by proceeding as follows: Manager instance, to allow the configuration deployment/export. 4. Export the configuration by using the - [ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) + [Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) and declaring at least: - the configuration directory; diff --git a/docs/identitymanager/saas/integration-guide/toolkit/expressions/csharp-utility-functions/index.md b/docs/identitymanager/saas/integration-guide/toolkit/expressions/csharp-utility-functions/index.md index 44816140cb..3afbc49668 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/expressions/csharp-utility-functions/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/expressions/csharp-utility-functions/index.md @@ -32,7 +32,7 @@ string? BuildUsername(string? firstName, string? lastName, string? separator, st ``` The iteration argument is usually used with the help of -[ Build Unique Value Aspect ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md). +[Build Unique Value Aspect](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md). If the iteration number is greater than 0, it is inserted after the last name. ### Example of use in a BuildUniqueValue aspect: @@ -60,7 +60,7 @@ string? BuildUsernameWithInitials(string? firstName, string? lastName, string? s The `maxLength` argument limits the length of the username. The iteration argument is usually used with the help of -[ Build Unique Value Aspect ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md). +[Build Unique Value Aspect](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md). If it is greater than 0, we use several letters of the first name avoiding as much as possible to insert a number in the built username. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md b/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md index 517003f375..12e3e33553 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md @@ -14,7 +14,7 @@ attributes. In Identity Manager's XML configuration, some attributes are defined with expressions. Expression attributes do not take a plain string value, but rather an expression that computes a value based on a given input. See the -[ Entity Property Expression ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) and +[Entity Property Expression](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) and [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topics for additional information. @@ -24,8 +24,11 @@ The expression can either be provided as a built-in function or as a full-fledge the list of available C# utility functions and functions predefined by Identity Manager. See the [Predefined functions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/predefined-functions/index.md) topic for additional information. -**NOTE:** When changing the value of a property that is part of some expressions in the +:::note +When changing the value of a property that is part of some expressions in the configuration, do not expect to see all expressions recomputed right away. +::: + In order to ensure the recomputation of all expressions based on the recent change, wait for the next run of Update Expressions in the complete job or through the corresponding connector's overview @@ -172,14 +175,14 @@ C#:resource:logger.LogDebug("Name={0}", resource.Name); return resource.Name; The following .NET libraries from the white list can be used. -Authorized Namespaces +**Authorized Namespaces** Every class and function from the following namespaces is allowed: - `System.Linq` - `System.Text.RegularExpressions` -Authorized Classes +**Authorized Classes** Beyond the authorized namespaces, the following classes can be used: @@ -197,7 +200,7 @@ Beyond the authorized namespaces, the following classes can be used: - `System.Int32` - `System.Random` -Authorized Methods +**Authorized Methods** Beyond the authorized classes, the following methods can be used: @@ -304,7 +307,7 @@ Literal expressions are not available for QueryRuleTargetExpression attribute, o SourceExpression. Literal expressions are not available for rules targeting a DateTime or Binary property. -Example +**Example** Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/expressions/predefined-functions/index.md b/docs/identitymanager/saas/integration-guide/toolkit/expressions/predefined-functions/index.md index 9d59a88c48..fb209ca2e0 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/expressions/predefined-functions/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/expressions/predefined-functions/index.md @@ -8,12 +8,12 @@ sidebar_position: 20 Identity Manager provides a set of predefined functions that simplify the configuration of entity property expressions and scalar rules. See the -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and[Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topics for additional information. Unlike C# expressions, Identity Manager's predefined functions do not need any prefix. They can be -used as such. See the [ C# utility functions ](/docs/identitymanager/saas/integration-guide/toolkit/expressions/csharp-utility-functions/index.md) topic for +used as such. See the [C# utility functions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/csharp-utility-functions/index.md) topic for additional information. ### Examples diff --git a/docs/identitymanager/saas/integration-guide/toolkit/file-hierarchy/index.md b/docs/identitymanager/saas/integration-guide/toolkit/file-hierarchy/index.md index b6acf44a8f..a6666d3209 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/file-hierarchy/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/file-hierarchy/index.md @@ -17,7 +17,7 @@ Element `` is the root element of each configuration file. ``` Each configuration element matches to an entry in the database. Detailed description of the element -can be found in the Data model. See the [ XML Configuration Schema ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/index.md) +can be found in the Data model. See the [XML Configuration Schema](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/index.md) topic for additional information. For example, the structure of the `` element can be found in the diff --git a/docs/identitymanager/saas/integration-guide/toolkit/how-tos/adjust-scaffoldings/index.md b/docs/identitymanager/saas/integration-guide/toolkit/how-tos/adjust-scaffoldings/index.md index da7a14a26a..ffb4af77d6 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/how-tos/adjust-scaffoldings/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/how-tos/adjust-scaffoldings/index.md @@ -25,7 +25,7 @@ and as a last resort, when no scaffolding meets the needs, writing the configura Adjust XML configuration generated by a scaffolding by proceeding as follows: 1. When working via the UI, start by exporting UI - [ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) + [Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) elements. 2. Write an XML element whose identifier is the same as the one generated by the scaffolding. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/how-tos/deploy-configuration/index.md b/docs/identitymanager/saas/integration-guide/toolkit/how-tos/deploy-configuration/index.md index 84c8d33363..b2ff03e972 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/how-tos/deploy-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/how-tos/deploy-configuration/index.md @@ -30,7 +30,7 @@ declaring at least: Deploy a SaaS XML configuration by proceeding as follows: 1. Log in for configuration deployment/export with the - [ Usercube-Login ](/docs/identitymanager/saas/integration-guide/executables/references/login/index.md). + [Usercube-Login](/docs/identitymanager/saas/integration-guide/executables/references/login/index.md). Identity Manager provides an OpenID Connect (OIDC) authentication process in order to ensure strong security, visibility and ease of use. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/how-tos/export-configuration/index.md b/docs/identitymanager/saas/integration-guide/toolkit/how-tos/export-configuration/index.md index 483493b14a..2bda5b73bf 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/how-tos/export-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/how-tos/export-configuration/index.md @@ -10,13 +10,13 @@ The process for configuration export varies according to the situation: - when working SaaS, the configuration must be exported remotely; See the -[ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) topic for additional information. ## Export the Configuration Locally Export your configuration by using the -[ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) executable and declaring at least: - the directory where the configuration is to be exported to; @@ -33,7 +33,7 @@ executable and declaring at least: Export a SaaS configuration by proceeding as follows: 1. Log in for configuration deployment/export with the - [ Usercube-Login ](/docs/identitymanager/saas/integration-guide/executables/references/login/index.md). + [Usercube-Login](/docs/identitymanager/saas/integration-guide/executables/references/login/index.md). Identity Manager provides an OpenID Connect (OIDC) authentication process in order to ensure strong security, visibility and ease of use. @@ -92,7 +92,7 @@ Export a SaaS configuration by proceeding as follows: Manager instance, to allow the configuration deployment/export. 4. Export the configuration by using the - [ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) + [Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) and declaring at least: - the configuration directory; diff --git a/docs/identitymanager/saas/integration-guide/toolkit/index.md b/docs/identitymanager/saas/integration-guide/toolkit/index.md index 4685266f98..98beb8adf9 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/index.md @@ -7,16 +7,16 @@ sidebar_position: 210 # Toolkit for XML Configuration The Netwrix Identity Manager (formerly Usercube) configuration is a set of XML files edited -according the Usercube schema. The [ Recommendations ](/docs/identitymanager/saas/integration-guide/toolkit/recommendations/index.md) part of this +according the Usercube schema. The [Recommendations](/docs/identitymanager/saas/integration-guide/toolkit/recommendations/index.md) part of this section explains how to set up an editing environment for the configuration. Regardless of the editing space, the configuration persists in the Netwrix Identity Manager (formerly Usercube) database. It's this stored configuration that is used at runtime. The -[ Deploy Configuration Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) +[Deploy Configuration Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) tool is used to **import** a new version of the configuration (from the XML files set). -The[ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) can be +The[Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) can be used to **export** the current configuration (to a XML files set). The Identity Manager project's integration cycle consists in developing a configuration by diff --git a/docs/identitymanager/saas/integration-guide/toolkit/languages/index.md b/docs/identitymanager/saas/integration-guide/toolkit/languages/index.md index 67391aa3db..b8a12c1a31 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/languages/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/languages/index.md @@ -8,7 +8,7 @@ sidebar_position: 50 Some configuration string must be specified in multiple languages. For this, the name of the corresponding XML attribute is suffixed by `_L1`, `_L2`,... `_L8`. For example, the property -_DisplayName_ of an [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) can be +_DisplayName_ of an [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) can be specified in English and French: ``` @@ -18,12 +18,12 @@ specified in English and French: ``` -Languages list must be specified by [ Language ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md) +Languages list must be specified by [Language](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md) elements. ``` - +** ** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md b/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md index 0ae1ecf68a..803c64f211 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md @@ -67,6 +67,6 @@ The following table shows the decimal - base32hex equivalent for the first 127 n For example, dimensions are identified by a number going from 0 to 127 in decimal representation and 0 to 3V in base32hex representation. -The [ Context Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) support _128_ dimension +The [Context Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) support _128_ dimension parameters going from `B0` to `B3V` using the **base32hex**`0` to `3V` numbers to identify a dimension. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/recommendations/index.md b/docs/identitymanager/saas/integration-guide/toolkit/recommendations/index.md index 706b049126..f238cb183b 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/recommendations/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/recommendations/index.md @@ -44,12 +44,10 @@ Configure auto-completion by proceeding as follows: ``` "settings": { - "xml.fileAssociations": [ - { + "xml.fileAssociations": [{ "systemId": "file:///C:/identitymanagerDemo/identitymanager-configuration.xsd", "pattern": "**/*.xml" - } - ] + }] } ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/reservedidentifiers/index.md b/docs/identitymanager/saas/integration-guide/toolkit/reservedidentifiers/index.md index 79c2550fe5..34f0640665 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/reservedidentifiers/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/reservedidentifiers/index.md @@ -6,8 +6,8 @@ sidebar_position: 60 # Reserved identifiers -Identifiers of [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)cannot be one of the following +Identifiers of [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and +[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)cannot be one of the following words: These words can't be written in any case, example: id, Id, iD and ID are forbidden. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md index f7cfc6ec93..c028e59078 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md @@ -15,9 +15,9 @@ attributes of entitlements owner. | Property | Details | | ----------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Campaign required | **Type** Int64 **Description** The associated campaign. | -| D0 optional | **Type** Int64 **Description** Identifier of the dimension 0 (up to 3V in the [ Base32 Parameter Names ](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)) that filters the owners targeted by the access certification campaign. | +| D0 optional | **Type** Int64 **Description** Identifier of the dimension 0 (up to 3V in the [Base32 Parameter Names](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)) that filters the owners targeted by the access certification campaign. | | IndividualOwner optional | **Type** Int64 **Description** If set, filters on the owner. | -| L0 default value: false | **Type** Boolean **Description** `true` to include all the hierarchy beneath the dimension 0. **Note:** this setting can be used only if the corresponding [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) was declared with `IsHierarchical` set to `true` and with a `ParentProperty`. | +| L0 default value: false | **Type** Boolean **Description** `true` to include all the hierarchy beneath the dimension 0. **Note:** this setting can be used only if the corresponding [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) was declared with `IsHierarchical` set to `true` and with a `ParentProperty`. | | MinimalRiskScore optional | **Type** Int32 **Description** If set, filters only owners above given risk. | | OwnerLastModificationDate optional | **Type** DateTime **Description** Date such that the identities to be certified will be those for which the value of the `OwnerLastModificationDateBinding` property was modified since then. **Note:** must be set together with `OwnerLastModificationDateBinding`. | | OwnerLastModificationDateBinding optional | **Type** Int64 **Description** Binding of the property whose owner will be part of the campaign's targets, if the property's value was modified since `OwnerLastModificationDate`. **Note:** must be set together with `OwnerLastModificationDate`. **Note:** the properties calculated by Identity Manager cannot be used. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/index.md index c1a81b117f..61ad079a0a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/index.md @@ -6,6 +6,6 @@ sidebar_position: 110 # Access Certification -- [ AccessCertificationCampaignPolicy ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationcampaignpolicy/index.md) -- [ AccessCertificationDataFilter ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationdatafilter/index.md) -- [ AccessCertificationOwnerFilter ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md) +- [AccessCertificationCampaignPolicy](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationcampaignpolicy/index.md) +- [AccessCertificationDataFilter](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationdatafilter/index.md) +- [AccessCertificationOwnerFilter](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/accesscertificationownerfilter/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md index 4429b411e0..6376630172 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md @@ -37,9 +37,12 @@ AccessControlEntry grants or denies a permission to a user. Access Control Entri Access Control Rule that defines the users scope of responsibility in the Identity Manager UI/Workflows. -**NOTE:** If your configuration contains an access control entry with `Permission="/"` and +:::note +If your configuration contains an access control entry with `Permission="/"` and `CanExecute="true"` then an error will occur during the configuration deployment, as a profile should not possess such a big permission. +::: + ### Properties @@ -60,8 +63,11 @@ An access control filter restricts the application of the access control rule to the data set. The rule will give the specified permissions to the profile only on the parts of the rule's data set for which the filter's condition is met. -_Remember,_ the ViewHistory permission (/Custom/Resources/Entity_Type/ViewHistory) does not work if +:::tip +Remember, the ViewHistory permission (/Custom/Resources/Entity_Type/ViewHistory) does not work if a filter is added. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -81,7 +87,7 @@ This condition is actually a comparison expression between two elements: ### Examples -Filter on a constant value +**Filter on a constant value** The following example gives to the `Administrator` profile certain permissions on user data, but only concerning users working in the marketing department. @@ -101,7 +107,7 @@ script in the command line. Technically speaking, the filter here says that the rule's permissions apply only on users from `Directory_User` whose `Code` of `MainOrganization` is `Marketing`. -Filter on the account of the current user +**Filter on the account of the current user** The following example gives to the `Manager` profile certain permissions on user data, but only concerning users from the team managed by the current user. @@ -170,7 +176,7 @@ Technically speaking, the filter here says that the rule's permissions apply onl single roles whose `Id` of the `Category` of the `SingleRole` is the same identifier as the value set for the `Category` property of the current user, in at least one of their assigned profiles. -Multiple filters +**Multiple filters** The following example gives to the `RoleOfficerByCategory` profile the permission to review the roles of users from `Directory_User`, but only the roles of a category assigned to the current user, @@ -203,11 +209,11 @@ single roles: | ---------------------------------- | --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Binding required | Int64 | Binding of the property whose value is to be checked to restrict the application of the rule's permissions. **NOTE:** The binding must be based on the entity type defined in the access control rule. | | Category default value: false | Boolean | True to compare the value specified by the binding to the categories of the current user's assigned profiles. | -| CompositeRole default value: false | Boolean | True to compare the value specified by the binding to the composite roles of the current user's assigned profiles. See the [ Assigned Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | +| CompositeRole default value: false | Boolean | True to compare the value specified by the binding to the composite roles of the current user's assigned profiles. See the [Assigned Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | | CurrentUser default value: false | Boolean | True to compare the value specified by the binding to the identifier of the account used by the current user to authenticate to Identity Manager. **NOTE:** The current user is the owner of the profile, allowed by the access control rule to perform an action and/or receive a notification. `CurrentUser` is tightly linked to the configuration of the `SelectUserByIdentityQueryHandlerSetting`. | -| Dimension optional | Int64 | Identifier of the dimension whose value(s), from the user's assigned profiles, are to be compared to the value specified by the binding. See [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and [ Assigned Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topics for additional information. | +| Dimension optional | Int64 | Identifier of the dimension whose value(s), from the user's assigned profiles, are to be compared to the value specified by the binding. See [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and [Assigned Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topics for additional information. | | Group optional | String | Group that the filter is part of. The access control rule filters the permissions by using the union (OR) of all filter groups, and the intersection (AND) of all filters within a group. **NOTE:** When not specified, the filter is part of the default group. | | Operator default value: 0 | AccessControlFilterOperator | Comparison operator. 0 - Equals. 1 - NotEquals. | -| ResourceType default value: false | Boolean | True to compare the value specified by the binding to the resource types of the current user's assigned profiles. See the [ Assigned Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | -| SingleRole default value: false | Boolean | True to compare the value specified by the binding to the single roles of the current user's assigned profiles. See the [ Assigned Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | +| ResourceType default value: false | Boolean | True to compare the value specified by the binding to the resource types of the current user's assigned profiles. See the [Assigned Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | +| SingleRole default value: false | Boolean | True to compare the value specified by the binding to the single roles of the current user's assigned profiles. See the [Assigned Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) topic for additional information. | | Value optional | String | Hard coded value to be compared to the value specified by the binding. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/index.md index e44b1d9f3d..8f5a188e6e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/index.md @@ -6,11 +6,11 @@ sidebar_position: 10 # Access Control -- [ AccessControlPermission ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) -- [ AccessControlPropertyGroup ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpropertygroup/index.md) +- [AccessControlPermission](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpermission/index.md) +- [AccessControlPropertyGroup](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolpropertygroup/index.md) - [Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) -- [ Assigned Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) -- [ OpenIdClient ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) -- [ Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) -- [ Profile Context ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md) +- [Assigned Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) +- [OpenIdClient](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md) +- [Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md) +- [Profile Context](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md) - [Profile Rule Context](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md index bb92d4b1c3..2b5ca59fbf 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/openidclient/index.md @@ -16,7 +16,7 @@ The secret must be strong enough to protect access to the API. The good practice is generating a random secret, for example a 32 characters string, from a tool like KeePass. Each clientId must have it's own secret. The tool -[ Usercube-New-OpenIDSecret ](/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md) can be +[Usercube-New-OpenIDSecret](/docs/identitymanager/saas/integration-guide/executables/references/new-openidsecret/index.md) can be used to generate secrets and their hashes. Each clientId must have a scope of responsibility. The _Profile_ and _ContextId_ properties assign a @@ -28,7 +28,7 @@ The following code declares a clientId with the Administrator profile. ``` - +**** ```` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md index da3565312b..0bb5ebb7dc 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profile/index.md @@ -13,7 +13,7 @@ Control Rule and Profile Rule to describe who can do what. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md index 125804d406..2b3569934d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md @@ -19,7 +19,7 @@ lower or equal to -2. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md index c9e9ad7b82..934b4fc184 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md @@ -44,7 +44,7 @@ script in the command line. | Property | Type | Description | | ----------------------------- | ------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| B0 optional | Int64 | Represents the first dimension binding definition. The 127 other dimension bindings can be referred to by 127 more parameters from B1 to B3V following the base32hex convention. See the [ Base32 Parameter Names ](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | +| B0 optional | Int64 | Represents the first dimension binding definition. The 127 other dimension bindings can be referred to by 127 more parameters from B1 to B3V following the base32hex convention. See the [Base32 Parameter Names](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | | IsDenied default value: false | Boolean | Profile denied to the user when matched. | | Profile required | Int64 | Identifier of the profile rule. | | RootExpression optional | String | C# expression to apply on the source entity type of the context resource type. See the [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) topic for additional information. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/index.md index daf3142478..c797705f6b 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/index.md @@ -6,4 +6,4 @@ sidebar_position: 120 # Business Intelligence -- [ Universe ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) +- [Universe](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md index 9b66e90889..89d427fdac 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md @@ -18,7 +18,7 @@ The following example builds a universe called `Universe1`: ``` - +**** @@ -62,7 +62,7 @@ we see the following: ## Child Element: Association Instance An association instance represents, within a Universe , the occurrence in the model of an -[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). ### Properties @@ -76,7 +76,7 @@ An association instance represents, within a Universe , the occurrence in the mo ## Child Element: Entity Instance An entity instance represents, within a Universe , the occurrence in the model of an -[ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). +[Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md). ### Properties diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md index 14cefdd080..aaa7463fcd 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md index 9410f09246..23de49e0ad 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md @@ -6,6 +6,6 @@ sidebar_position: 10 # Access Reviews -- [ Access Review Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) +- [Access Review Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) Generates the permissions to administrate campaign creation. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md index 111e50baa9..3068e1b7cf 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md @@ -13,7 +13,7 @@ resource types, and launch generate provisioning orders and fulfillment from the ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md index a1cc9b74f8..5f80ca6f19 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md @@ -6,12 +6,12 @@ sidebar_position: 20 # Connectors -- [ Connector Resource Type Access Control ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md) +- [Connector Resource Type Access Control](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md) Gives the rights to create and update resource types, generate provisioning orders and fulfill from the connector screen. -- [ Settings Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md) +- [Settings Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md) Generates the permissions to configure the Workforce Core Solution module and connector settings. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md index b3bd0def9b..d46bfc12be 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates the permissions to configure the Workforce Core Solution module and co ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/index.md index 8cfbd9e350..da045d6406 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/index.md @@ -8,14 +8,14 @@ sidebar_position: 10 Scaffoldings for access control give some permissions, by allowing the corresponding API calls. -- [ Access Reviews ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md) -- [ Connectors ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md) -- [ Jobs ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md) -- [ Monitoring ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md) -- [ Profiles ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) -- [ Queries ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md) -- [ Resources ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md) +- [Access Reviews](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md) +- [Connectors](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md) +- [Jobs](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md) +- [Monitoring](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md) +- [Profiles](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) +- [Queries](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md) +- [Resources](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md) - [Role Models](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md) -- [ Simulations ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md) -- [ User Interfaces ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md) -- [ Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md) +- [Simulations](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md) +- [User Interfaces](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md) +- [Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md index 95575cf429..8925c5de39 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md @@ -20,7 +20,7 @@ The entity instances generated by the scaffolding will have: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md index 39f837dc15..6d81042b33 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md @@ -6,65 +6,65 @@ sidebar_position: 30 # Jobs -- [ GetJobLogAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md) +- [GetJobLogAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md) Generates the permissions to read task and job instances logs in UI for a given profile. -- [ JobAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md) +- [JobAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md) Scaffolding to access the job administration page. -- [ JobTaskAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobtaskadministrationaccesscontrolrules/index.md) +- [JobTaskAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobtaskadministrationaccesscontrolrules/index.md) Generates all permissions for JobStep entity. -- [ PendingAssignedResourceTypesAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md) +- [PendingAssignedResourceTypesAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md) Generates the access control rules which give to a profile the permissions to call the API Pending AssignedResourceTypes. -- [ ProvisioningAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md) +- [ProvisioningAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md) Generates the execution rights for Provisioning and Fulfillment tasks for a given profile. -- [ ResourceChangesViewAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md) +- [ResourceChangesViewAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md) Generates the access control rules which gives to a profile the permissions to call the API ResourceChange, ResourceFileChange and ResourceLinkChange. -- [ ResourceTypeMappingControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md) +- [ResourceTypeMappingControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md) Generate rights to launch agent fulfillment. -- [ RunJobAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md) +- [RunJobAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md) Generates the permissions to launch jobs from UI for a given profile. -- [ RunJobNotificationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md) +- [RunJobNotificationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md) Generates access control to send notification when job finish with an error state. -- [ RunJobRepairAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md) +- [RunJobRepairAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md) Generates the permissions to launch from UI jobs that are in state blocked after a Provisioning or a synchronization for a given profile. -- [ RunJobRepairNotificationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md) +- [RunJobRepairNotificationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md) Generates access control to send notification when a relaunch job finish with an error state. -- [ SynchronizationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) +- [SynchronizationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) Generates rights to launch synchronization task. -- [ TaskAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md) +- [TaskAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md) Generates all rights to have the access to job administration page. -- [ TaskInstanceAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskinstanceadministrationaccesscontrolrules/index.md) +- [TaskInstanceAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskinstanceadministrationaccesscontrolrules/index.md) Generates access control to update the task instances. -- [ WorkflowFulfillmentControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md) +- [WorkflowFulfillmentControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md) Generates the execution rights to launch Fulfillment workflow for a given profile. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md index c455df6c1c..0ce956ba8c 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md @@ -15,7 +15,7 @@ part in dashboard of the user interface. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md index 224587f5a0..d48c241d9c 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md @@ -13,7 +13,7 @@ AssignedResourceTypes. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md index bea3c756b4..4961b77f73 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md @@ -20,7 +20,7 @@ The entity instances generated by the scaffolding will have: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md index 6d4e2bbc41..db0a1531ed 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md @@ -16,7 +16,7 @@ retrieved by these APIs. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md index 359a918ca3..d8d02bcbc7 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md @@ -14,7 +14,7 @@ MicrosoftEntraID...). This right corresponds to the permission to use ResourceTy ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md index a3839046d2..c357717cb3 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md @@ -13,7 +13,7 @@ synchronization for a given profile. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md index cfba393eaa..e7fdc3d593 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates access control to send notification when job finish with an error stat ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md index 8c0716981f..1de24735a7 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates the rights to read task and job instances logs in UI for a given profi ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md index a198ba19dc..614c07e5d1 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates access control to send notification when a relaunch job finish with an ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md index 925f750a5f..cd7eb66c1c 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md @@ -13,7 +13,7 @@ profile. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md index 453d53d291..1018ac4b2c 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md @@ -12,7 +12,7 @@ Generates all rights to have the access to job administration page. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md index 16a3134423..432a0af35a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md @@ -12,7 +12,7 @@ Generates the execution rights to launch Fulfillment workflow for a given profil ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md index db81e50116..f3674de0cd 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md @@ -6,7 +6,7 @@ sidebar_position: 40 # Monitoring -- [ MonitoringAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md) +- [MonitoringAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md) Generates the access control rule which gives to a profile the permission to query the monitoring screen. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md index 277585db1a..fd85c59e1e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md @@ -13,7 +13,7 @@ screen. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md index d31cc0a784..9d0eff4847 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md @@ -18,7 +18,7 @@ query assigned profiles. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md index edf0729aae..54143ce1ce 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md @@ -6,11 +6,11 @@ sidebar_position: 50 # Profiles -- [ Assign Profile Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md) +- [Assign Profile Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md) Gives to a given profile the rights to create, update, delete and query any assigned profile. -- [ OpenId Client Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/openidclientadministrationaccesscontrolrules/index.md) -- [ Profile Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md) +- [OpenId Client Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/openidclientadministrationaccesscontrolrules/index.md) +- [Profile Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md) Gives to a given profile the rights to create, update and delete profiles. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md index 49669de548..e5fb01efe0 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md @@ -23,7 +23,7 @@ profiles. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md index 7a0d0d8c5f..8844a6cf43 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md @@ -6,20 +6,20 @@ sidebar_position: 60 # Queries -- [ Manage Setting Access Control Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md) +- [Manage Setting Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md) Generates the access control rule which gives to a profile the permission to query, create, update and delete settings from the UM_Settings table. -- [ Report Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md) +- [Report Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md) Generates the permissions to access the report view. -- [ Target Resource Report Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md) +- [Target Resource Report Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md) Generates the permissions to apply a report for a profile on a given entity. -- [ Universe Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md) +- [Universe Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md) Generates an access control rule which gives a profile the permission to access the query page and run queries. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md index a89de7d466..bebe7aa367 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the navigation to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md index c18909b90d..651f818a7e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md @@ -10,13 +10,13 @@ Generates the right to apply a report for a profile on a given entity. The existence of a report for this entity must exist in order to use this scaffolding. A scaffolding allows to generate a default report for an entity: -[ Target Resource Report Menus ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) +[Target Resource Report Menus](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md index ed5fafa687..3bbb0f4f0e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md @@ -15,7 +15,7 @@ The following example gives the permission to access the query page to the admin ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md index d0987f5edd..aa026c0861 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md @@ -13,7 +13,7 @@ modified incrementally ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md index 98c0f61f11..a9b8a3ce5b 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md @@ -6,25 +6,25 @@ sidebar_position: 70 # Resources -- [ Create Resource Incremental Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md) +- [Create Resource Incremental Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md) Generates the access control rule which gives to a profile the permission to query the resources modified incrementally. -- [ Resource Api Administration ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md) +- [Resource Api Administration](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md) Generates the permissions to create/update/delete/query resources from a given entity type, for a given profile. -- [ Resource Picker Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md) +- [Resource Picker Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md) Creates the reading right of the resource picker. -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) Generates the permissions to view an entity type's resources. -- [ View History Resource Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md) +- [View History Resource Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md) Generates an access control rule giving to the specified profile the permission to browse the resources history of the specified entity type. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md index e488b78d50..fe5d20380d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md @@ -16,7 +16,7 @@ query resources from `Directory_User`. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md index 5f40fe2811..2b3514f1b2 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md @@ -12,7 +12,7 @@ Creates the reading right of the resource picker. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md index c6bb7b82e5..1c2dd9f7d1 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md @@ -15,7 +15,7 @@ displays the resources of the `Directory_UserType` entity type, as well as its s ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md index d7ac91336c..e273a7b232 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md @@ -13,7 +13,7 @@ resources history of the specified entity type. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md index 566f10edaf..a6ec1923d5 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md @@ -13,7 +13,7 @@ basket. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md index 12d2ac108e..d4ee09bf79 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md @@ -11,13 +11,13 @@ review of multiple manual provisioning items for the `Directory_User` entity typ ``` - +**** ``` The scaffolding generates the following scaffoldings: -- [ Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md): +- [Perform Manual Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md): Generates the permissions to access the manual provisioning pages for a given entity type and profile. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md index b8f6abe88e..e9139f6586 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkresourcereconciliationaccesscontrolrules/index.md @@ -20,7 +20,7 @@ The scaffolding generates the following scaffoldings: - ReconciliateResourcesAccessControlRules: Generates the permissions to access the resource reconciliation pages for a given entity type and profile. See the - [ Reconciliate Resources Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) + [Reconciliate Resources Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) topic for additional information. ## Properties diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md index 9fd2ae7cf7..2b0eaaece5 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md @@ -11,13 +11,13 @@ review of multiple errored provisioning orders for the `Directory_User` entity t ``` - +**** ``` The scaffolding generates the following scaffoldings: -- [ Review Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md): +- [Review Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md): Generates the permissions to access the provisioning review pages for a given entity type and profile. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md index 33eb2ba15b..d2009f3642 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md @@ -10,7 +10,7 @@ Generates the permissions to perform bulk validations on the **Role Reconciliati The scaffolding generates the following scaffoldings: -- [ Reconciliate Roles Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): +- [Reconciliate Roles Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): Generates the permissions to access the role reconciliation pages for a given entity type and profile. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md index b2daedff5d..5db6032177 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md @@ -6,12 +6,12 @@ sidebar_position: 80 # Role Models -- [ Basket Rules Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md) +- [Basket Rules Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md) Generates the permissions to execute the different requests to display the information in the rights basket. -- [ Bulk Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md) +- [Bulk Perform Manual Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Perform Manual Provisioning\*\* page. @@ -21,56 +21,56 @@ sidebar_position: 80 Generates the permissions to perform bulk validations on the \*\*Resource Reconciliation\*\* page. -- [ Bulk Review Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md) +- [Bulk Review Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Provisioning Review\*\* page (only for errored orders). -- [ Bulk Role Reconciliation Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md) +- [Bulk Role Reconciliation Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Role Reconciliation\*\* page. -- [ Governance Roles Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/governancerolesaccesscontrolrules/index.md) +- [Governance Roles Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/governancerolesaccesscontrolrules/index.md) Generates the permissions to access the governance review pages for a given entity type and profile. -- [ Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md) +- [Perform Manual Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md) Generates the permissions to access the manual provisioning pages for a given entity type and profile. -- [ Reconciliate Resources Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) +- [Reconciliate Resources Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) Generates the permissions to access the resource reconciliation pages for a given entity type and profile. -- [ Reconciliate Roles Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md) +- [Reconciliate Roles Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md) Generates the permissions to access the role reconciliation pages for a given entity type and profile. -- [ Redundant Assignment Access Control Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md) +- [Redundant Assignment Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md) Generates the permissions to access the \*\*Redundant Assignment\*\* page, to analyze and remove redundant assignments. -- [ Review Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md) +- [Review Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md) Generates the permissions to access the provisioning review pages for a given entity type and profile. -- [ Review Roles Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md) +- [Review Roles Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md) Generates the permissions to access the role review pages for a given entity type and profile. -- [ Risks Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md) -- [ Role Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md) +- [Risks Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md) +- [Role Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md) Generates the permissions to access the configuration pages and create, update, delete the elements of the role model. -- [ Role Naming Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md) +- [Role Naming Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md) Generates the permissions to configure and launch the automatic creation of roles and rules based on naming conventions. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md index 2f9b6cb546..47fe9567a1 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md @@ -20,7 +20,7 @@ otherwise the information of the entity type cannot be displayed on this screen. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md index a2974e70dc..090f6546e4 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md @@ -19,7 +19,7 @@ EntityType to be filled in the Scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md index 8d098e7efb..85152db3a9 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md index 8fe12b21fc..32aada43ff 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md @@ -20,7 +20,7 @@ Assignment** page and perform redundant-assignment related actions. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md index 26e65dc207..db53724737 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md @@ -18,7 +18,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md index 9469c91cb3..76bf12cbb7 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md index 7e7f77cbc6..faee8a58aa 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 130 ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md index 4058d00049..71ab4c9b13 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md @@ -29,7 +29,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md index ce00322438..3c98162c0e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md @@ -13,7 +13,7 @@ naming conventions. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md index 5e4a182944..c4259431bf 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md @@ -7,4 +7,4 @@ sidebar_position: 90 # Simulations - [Policy Simulation Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md) -- [ Role And Simulation Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md) +- [Role And Simulation Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md index 918dd60536..3b7f4c0e5f 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 10 ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md index 1ac970ea4f..fda6ca46d4 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 20 ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md index eac260e397..cf1070163a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md @@ -6,8 +6,8 @@ sidebar_position: 100 # User Interfaces -- [ Manage Accounts ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md) -- [ Search Bar Page Access Control ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/searchbarpageaccesscontrol/index.md) +- [Manage Accounts](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md) +- [Search Bar Page Access Control](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/searchbarpageaccesscontrol/index.md) Gives access rights to the different navigation elements of the SearchBars of the pages of the role model. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md index ab8ffbb9fc..8ec97c1f70 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md @@ -20,7 +20,7 @@ users from `Directory_User`. ``` - +**** In order to see AD accounts once clicking on the button: diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md index 821b111c99..b343189551 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md @@ -18,14 +18,14 @@ must be created with the following names: The scaffolding generates the following scaffoldings: -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md index aff3b14f7e..c1e1d02421 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md @@ -6,17 +6,17 @@ sidebar_position: 110 # Workflows -- [ Create Update Delete Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md) +- [Create Update Delete Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md) Generates execution rights for the create, update, delete workflows. -- [ Update Resources Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md) -- [ Workflow Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md) +- [Update Resources Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md) +- [Workflow Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md) Generates the permissions to access the task page and visualize the workflows to be executed for a given entity type and profile. -- [ Workflow Configuration Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md) -- [ Workflow Overview Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md) +- [Workflow Configuration Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md) +- [Workflow Overview Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md) Generates the permissions to access the workflow supervision page. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md index 83765e1c8d..4591008ab5 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 20 ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md index 3a7499cb1e..53d77be87f 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md @@ -23,7 +23,7 @@ DashBoard shortcut: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md index 376868ee74..a2fb709ac1 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md @@ -10,7 +10,7 @@ sidebar_position: 40 ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md index eea38778bd..0c636be3a4 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md @@ -16,7 +16,7 @@ Gives access to a shortcut on the dashboard to access this page. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md index 0613710804..c0bd8e3d5e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md @@ -24,7 +24,7 @@ If you are using a CSV connector with files in incremental mode, you must specif ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md index 03bdb2ceb4..2838ee62fc 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md @@ -15,7 +15,7 @@ no display name is defined. ``` - +**** ``` @@ -26,7 +26,7 @@ in `Directory_Country`, when no display name is defined. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md index 281ebf65bb..1b4b7f6d1d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md @@ -15,7 +15,7 @@ the table. Otherwise, the only scalar property displayed in the table is the int ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md index ce24a15b10..c4ad65939a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md @@ -18,7 +18,7 @@ table. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md index 925b345ab3..fc6656da7e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md @@ -14,7 +14,7 @@ The design element for this displaytable is resourcetable. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md index 55e4946a1a..ae31c27b2d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md @@ -12,7 +12,7 @@ Creates the search bar for the entity without criteria. ``` - +**** ``` @@ -28,6 +28,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md index 28eb54e2bb..026ffda22e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md @@ -6,35 +6,35 @@ sidebar_position: 10 # Entity Types -- [ Connector Mappings ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md) +- [Connector Mappings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md) Generates the mapping of an entity in a given connector. -- [ Entity Type Display Name ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md) +- [Entity Type Display Name](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md) Computes a default value for resources' internal display names. -- [ Entity Type Display Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md) +- [Entity Type Display Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md) Creates a display table for the given entity. -- [ Entity Type Display Table Adaptable ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md) +- [Entity Type Display Table Adaptable](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md) Creates an adaptable display table for a given entity type. -- [ Entity Type Display Target Resource Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md) +- [Entity Type Display Target Resource Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md) Creates a display table for the given entity. -- [ Entity Type Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypemenuitem/index.md) +- [Entity Type Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypemenuitem/index.md) Creates a menu item for the entity type, and for its connector if the entity type has an entity type mapping. -- [ Entity Type Search Bar ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md) +- [Entity Type Search Bar](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md) Creates the search bar for the entity without criteria. -- [ Target Resource Report Menus ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) +- [Target Resource Report Menus](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) Creates the Item menu for the entity's report so that it is displayed in the report view. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md index 4df053843e..11484e44af 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md @@ -12,7 +12,7 @@ Creates the Item menu for the entity's report so that it is displayed in the rep ``` - +**** ``` @@ -28,6 +28,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md index f753774080..38cf9fcc94 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md @@ -7,4 +7,4 @@ sidebar_position: 20 # Entity Types - [Entity Types](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md) -- [ Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md) +- [Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md index 9ddeb29455..fc86d7c7c7 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md @@ -21,7 +21,7 @@ scaffolding, the names of these 3 workflows must comply with the following stand ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md index cba5b74505..e94fd173c4 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md @@ -10,7 +10,7 @@ sidebar_position: 20 ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md index 4fef4014f0..6170e7de1f 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md @@ -6,25 +6,25 @@ sidebar_position: 20 # Workflows -- [ Create Update Delete Menus ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md) +- [Create Update Delete Menus](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md) Creates updates and deletes menus for an entity. -- [ Create Update Delete Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md) -- [ Update Resources Menus ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md) -- [ Update Resources Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md) -- [ Workflow Actors Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md) -- [ Workflow Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md) +- [Create Update Delete Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md) +- [Update Resources Menus](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md) +- [Update Resources Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md) +- [Workflow Actors Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md) +- [Workflow Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md) Creates an entity that will be the source of all workflows that manipulate the given entity. -- [ Workflow Entity Type Display Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md) -- [ Workflow Entity Type Display Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md) +- [Workflow Entity Type Display Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md) +- [Workflow Entity Type Display Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md) Creates the display table of the workflow entity of the starting entity. -- [ Workflow Entity Type Search Bar ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md) +- [Workflow Entity Type Search Bar](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md) Creates the search bar of the workflow entity of the starting entity. -- [ Workflow Performer Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md) +- [Workflow Performer Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md index cbeeec0501..2a3626c089 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md @@ -10,7 +10,7 @@ sidebar_position: 30 ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md index cbdc9133ab..a5937e4c52 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md @@ -10,7 +10,7 @@ sidebar_position: 40 ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md index 17c01ed6f4..8da7d630d0 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md @@ -10,7 +10,7 @@ sidebar_position: 50 ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md index be7c4dd2e1..b966523cf8 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md @@ -13,7 +13,7 @@ create the association between this new entity and the starting entity. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md index 501194a5da..268758bfde 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md @@ -10,7 +10,7 @@ sidebar_position: 70 ``` - +**** ``` @@ -26,6 +26,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md index 1a54cd2d99..fd36258c4b 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md @@ -15,7 +15,7 @@ launch this scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md index 9cb1eb439c..dd3b20f98c 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md @@ -15,7 +15,7 @@ this scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md index 86b1c3f143..950ef8d9ea 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md @@ -10,7 +10,7 @@ sidebar_position: 100 ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md index dc0037528b..3d1525510a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/index.md @@ -12,7 +12,7 @@ an XML element that will generate a complex XML fragment. Available scaffoldings are described below. To understand scaffoldings' generated configuration, Identity Manager's executable -[ Usercube-Export-Configuration ](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) +[Usercube-Export-Configuration](/docs/identitymanager/saas/integration-guide/executables/references/export-configuration/index.md) can be launched with the `--export-scaffolding` option to export into XML files the configuration items generated by scaffoldings. @@ -23,160 +23,160 @@ their content in your own configuration. - [Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/index.md) -- [ Access Reviews ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md) +- [Access Reviews](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/index.md) -- [ Access Review Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) +- [Access Review Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md) Generates the permissions to administrate campaign creation. -- [ Connectors ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md) +- [Connectors](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/index.md) -- [ Connector Resource Type Access Control ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md) +- [Connector Resource Type Access Control](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md) Gives the rights to create and update resource types, generate provisioning orders and fulfill from the connector screen. -- [ Settings Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md) +- [Settings Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md) Generates the permissions to configure the Workforce Core Solution module and connector settings. -- [ Jobs ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md) +- [Jobs](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/index.md) -- [ GetJobLogAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md) +- [GetJobLogAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md) Generates the permissions to read task and job instances logs in UI for a given profile. -- [ JobAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md) +- [JobAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md) Scaffolding to access the job administration page. -- [ JobTaskAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobtaskadministrationaccesscontrolrules/index.md) +- [JobTaskAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobtaskadministrationaccesscontrolrules/index.md) Generates all permissions for JobStep entity. -- [ PendingAssignedResourceTypesAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md) +- [PendingAssignedResourceTypesAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md) Generates the access control rules which give to a profile the permissions to call the API Pending AssignedResourceTypes. -- [ ProvisioningAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md) +- [ProvisioningAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md) Generates the execution rights for Provisioning and Fulfillment tasks for a given profile. -- [ ResourceChangesViewAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md) +- [ResourceChangesViewAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md) Generates the access control rules which gives to a profile the permissions to call the API ResourceChange, ResourceFileChange and ResourceLinkChange. -- [ ResourceTypeMappingControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md) +- [ResourceTypeMappingControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md) Generate rights to launch agent fulfillment. -- [ RunJobAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md) +- [RunJobAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md) Generates the permissions to launch jobs from UI for a given profile. -- [ RunJobNotificationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md) +- [RunJobNotificationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md) Generates access control to send notification when job finish with an error state. -- [ RunJobRepairAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md) +- [RunJobRepairAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md) Generates the permissions to launch from UI jobs that are in state blocked after a Provisioning or a synchronization for a given profile. -- [ RunJobRepairNotificationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md) +- [RunJobRepairNotificationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md) Generates access control to send notification when a relaunch job finish with an error state. -- [ SynchronizationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) +- [SynchronizationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md) Generates rights to launch synchronization task. -- [ TaskAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md) +- [TaskAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md) Generates all rights to have the access to job administration page. -- [ TaskInstanceAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskinstanceadministrationaccesscontrolrules/index.md) +- [TaskInstanceAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskinstanceadministrationaccesscontrolrules/index.md) Generates access control to update the task instances. -- [ WorkflowFulfillmentControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md) +- [WorkflowFulfillmentControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md) Generates the execution rights to launch Fulfillment workflow for a given profile. -- [ Monitoring ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md) +- [Monitoring](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/index.md) -- [ MonitoringAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md) +- [MonitoringAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md) Generates the access control rule which gives to a profile the permission to query the monitoring screen. -- [ Profiles ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) +- [Profiles](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/index.md) -- [ Assign Profile Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md) +- [Assign Profile Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md) Gives to a given profile the rights to create, update, delete and query any assigned profile. -- [ OpenId Client Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/openidclientadministrationaccesscontrolrules/index.md) -- [ Profile Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md) +- [OpenId Client Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/openidclientadministrationaccesscontrolrules/index.md) +- [Profile Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md) Gives to a given profile the rights to create, update and delete profiles. -- [ Queries ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md) +- [Queries](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/index.md) -- [ Manage Setting Access Control Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md) +- [Manage Setting Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md) Generates the access control rule which gives to a profile the permission to query, create, update and delete settings from the UM_Settings table. -- [ Report Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md) +- [Report Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md) Generates the permissions to access the report view. -- [ Target Resource Report Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md) +- [Target Resource Report Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md) Generates the permissions to apply a report for a profile on a given entity. -- [ Universe Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md) +- [Universe Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md) Generates an access control rule which gives a profile the permission to access the query page and run queries. -- [ Resources ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md) +- [Resources](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/index.md) -- [ Create Resource Incremental Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md) +- [Create Resource Incremental Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md) Generates the access control rule which gives to a profile the permission to query the resources modified incrementally. -- [ Resource Api Administration ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md) +- [Resource Api Administration](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md) Generates the permissions to create/update/delete/query resources from a given entity type, for a given profile. -- [ Resource Picker Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md) +- [Resource Picker Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md) Creates the reading right of the resource picker. -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) Generates the permissions to view an entity type's resources. -- [ View History Resource Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md) +- [View History Resource Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md) Generates an access control rule giving to the specified profile the permission to browse the resources history of the specified entity type. - [Role Models](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/index.md) -- [ Basket Rules Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md) +- [Basket Rules Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md) Generates the permissions to execute the different requests to display the information in the rights basket. -- [ Bulk Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md) +- [Bulk Perform Manual Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkperformmanualprovisioningaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Perform Manual Provisioning\*\* page. @@ -186,152 +186,152 @@ their content in your own configuration. Generates the permissions to perform bulk validations on the \*\*Resource Reconciliation\*\* page. -- [ Bulk Review Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md) +- [Bulk Review Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkreviewprovisioningaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Provisioning Review\*\* page (only for errored orders). -- [ Bulk Role Reconciliation Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md) +- [Bulk Role Reconciliation Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/bulkrolereconciliationaccesscontrolrules/index.md) Generates the permissions to perform bulk validations on the \*\*Role Reconciliation\*\* page. -- [ Governance Roles Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/governancerolesaccesscontrolrules/index.md) +- [Governance Roles Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/governancerolesaccesscontrolrules/index.md) Generates the permissions to access the governance review pages for a given entity type and profile. -- [ Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md) +- [Perform Manual Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md) Generates the permissions to access the manual provisioning pages for a given entity type and profile. -- [ Reconciliate Resources Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) +- [Reconciliate Resources Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliateresourcesaccesscontrolrules/index.md) Generates the permissions to access the resource reconciliation pages for a given entity type and profile. -- [ Reconciliate Roles Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md) +- [Reconciliate Roles Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md) Generates the permissions to access the role reconciliation pages for a given entity type and profile. -- [ Redundant Assignment Access Control Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md) +- [Redundant Assignment Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md) Generates the permissions to access the \*\*Redundant Assignment\*\* page, to analyze and remove redundant assignments. -- [ Review Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md) +- [Review Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md) Generates the permissions to access the provisioning review pages for a given entity type and profile. -- [ Review Roles Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md) +- [Review Roles Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md) Generates the permissions to access the role review pages for a given entity type and profile. -- [ Risks Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md) -- [ Role Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md) +- [Risks Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md) +- [Role Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md) Generates the permissions to access the configuration pages and create, update, delete the elements of the role model. -- [ Role Naming Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md) +- [Role Naming Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md) Generates the permissions to configure and launch the automatic creation of roles and rules based on naming conventions. -- [ Simulations ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md) +- [Simulations](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/index.md) - [Policy Simulation Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md) -- [ Role And Simulation Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md) +- [Role And Simulation Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md) -- [ User Interfaces ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md) +- [User Interfaces](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/index.md) -- [ Manage Accounts ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md) -- [ Search Bar Page Access Control ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/searchbarpageaccesscontrol/index.md) +- [Manage Accounts](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md) +- [Search Bar Page Access Control](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/searchbarpageaccesscontrol/index.md) Gives access rights to the different navigation elements of the SearchBars of the pages of the role model. -- [ Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md) +- [Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/index.md) -- [ Create Update Delete Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md) +- [Create Update Delete Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md) Generates execution rights for the create, update, delete workflows. -- [ Update Resources Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md) -- [ Workflow Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md) +- [Update Resources Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md) +- [Workflow Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowaccesscontrolrules/index.md) Generates the permissions to access the task page and visualize the workflows to be executed for a given entity type and profile. -- [ Workflow Configuration Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md) -- [ Workflow Overview Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md) +- [Workflow Configuration Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md) +- [Workflow Overview Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md) Generates the permissions to access the workflow supervision page. -- [ Entity Types ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md) +- [Entity Types](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/index.md) - [Entity Types](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/index.md) -- [ Connector Mappings ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md) +- [Connector Mappings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/connectormappings/index.md) Generates the mapping of an entity in a given connector. -- [ Entity Type Display Name ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md) +- [Entity Type Display Name](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md) Computes a default value for resources' internal display names. -- [ Entity Type Display Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md) +- [Entity Type Display Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md) Creates a display table for the given entity. -- [ Entity Type Display Table Adaptable ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md) +- [Entity Type Display Table Adaptable](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md) Creates an adaptable display table for a given entity type. -- [ Entity Type Display Target Resource Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md) +- [Entity Type Display Target Resource Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md) Creates a display table for the given entity. -- [ Entity Type Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypemenuitem/index.md) +- [Entity Type Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypemenuitem/index.md) Creates a menu item for the entity type, and for its connector if the entity type has an entity type mapping. -- [ Entity Type Search Bar ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md) +- [Entity Type Search Bar](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md) Creates the search bar for the entity without criteria. -- [ Target Resource Report Menus ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) +- [Target Resource Report Menus](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md) Creates the Item menu for the entity's report so that it is displayed in the report view. -- [ Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md) +- [Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/index.md) -- [ Create Update Delete Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md) +- [Create Update Delete Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md) Creates updates and deletes menus for an entity. -- [ Update Resources Menus ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md) -- [ Update Resources Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md) -- [ Workflow Actors Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md) -- [ Workflow Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md) +- [Update Resources Menus](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md) +- [Update Resources Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md) +- [Workflow Actors Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowactorsnotification/index.md) +- [Workflow Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md) Creates an entity that will be the source of all workflows that manipulate the given entity. -- [ Workflow Entity Type Display Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md) -- [ Workflow Entity Type Display Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md) +- [Workflow Entity Type Display Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplayentitytype/index.md) +- [Workflow Entity Type Display Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypedisplaytable/index.md) Creates the display table of the workflow entity of the starting entity. -- [ Workflow Entity Type Search Bar ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md) +- [Workflow Entity Type Search Bar](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytypesearchbar/index.md) Creates the search bar of the workflow entity of the starting entity. -- [ Workflow Performer Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md) +- [Workflow Performer Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowperformernotification/index.md) -- [ Jobs ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md) +- [Jobs](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md) - [Clean Database Job](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md) @@ -351,7 +351,7 @@ their content in your own configuration. Creates for the given agent the synchronization job of all connectors present in the agent in incremental mode. -- [ Create Connectors Jobs ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md) +- [Create Connectors Jobs](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md) Creates all jobs by connector to launched task in the connector page. @@ -367,19 +367,19 @@ their content in your own configuration. Creates the Initialization Job for the given agent. -- [ Optimizations ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md) +- [Optimizations](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md) -- [ Optimize Display Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md) +- [Optimize Display Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md) Optimizes all elements found in the given displayTable. -- [ Queries ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) +- [Queries](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md) -- [ Target Resource Report ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md) +- [Target Resource Report](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md) Creates a ReportQuery with default Query taking all the properties of the entity. -- [ Universe Data Model ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md) +- [Universe Data Model](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md) Creates, within a universe, entity instances and association instances based on a predefined template. @@ -390,55 +390,55 @@ their content in your own configuration. Gives the permissions to manage the connector pages. -- [ Create Administrator Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) +- [Create Administrator Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) Creates the profile administrator and all default access control rules. -- [ Create Update Delete Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md) +- [Create Update Delete Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md) Creates the three types of workflow for the given entity as well as the execution rights for the given profile. -- [ Entity Report Default ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md) +- [Entity Report Default](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md) Creates all configuration items to add a ReportQuery for an EntityType and profile. -- [ Job Execution Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) +- [Job Execution Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) Assigns a set of rights to a given profile to execute any job, and view all job instances, task instances and logs. -- [ Job View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) +- [Job View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) Scaffolding to generate a set of rights to view all JobInstances, TaskInstances and logs. -- [ Simulation Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md) +- [Simulation Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md) Generates the permissions to configure and launch simulations. -- [ Update Resources Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md) -- [ View Source Resource Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewsourceresourcetemplate/index.md) +- [Update Resources Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md) +- [View Source Resource Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewsourceresourcetemplate/index.md) Creates the display table, fills in the internal display name of the entity, and gives the rights to see the permissions and sources of the entity for a given profile. -- [ View Target Resource Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md) +- [View Target Resource Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md) Creates the entity view (designElement = resourceTable), the report and the rights for a given profile. -- [ View Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md) +- [View Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md) Creates the view for the given entity as well as the rights for the given profile. -- [ View Template Adaptable ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md) +- [View Template Adaptable](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md) Implements a default display name for the resources of a given entity type, displays the resources in an adaptable table, and give the permissions to view the resources. -- [ Workforce ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md) +- [Workforce](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md) -- [ Bootstrap Module ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/bootstrapmodule/index.md) +- [Bootstrap Module](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/bootstrapmodule/index.md) Generates the default settings required to start using Identity Manager and the Workforce Core Solution module. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md index 15dfdb2dab..0b3994a9fd 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/cleandatabasejob/index.md @@ -15,7 +15,7 @@ script in the command line. ``` -   +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md index 6d9b3f0802..6f661ff275 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createaccesscertificationjob/index.md @@ -15,7 +15,7 @@ script in the command line. ``` -   +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md index b5d793ffde..d77ddead4a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchrocomplete/index.md @@ -18,7 +18,7 @@ script in the command line. ``` -   +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md index 0fd78abddb..2b1cf41bb5 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createagentsynchroincremental/index.md @@ -19,7 +19,7 @@ script in the command line. ``` -   +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md index dcbb0a33bf..75827f36d3 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md @@ -12,7 +12,7 @@ Creates all jobs by connector to launched task in the connector page. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsynchrocomplete/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsynchrocomplete/index.md index eb7a3a6aff..f262fdbe56 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsynchrocomplete/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsynchrocomplete/index.md @@ -44,11 +44,14 @@ script in the command line. ### AddTask -**NOTE:** The old algorithm is no longer supported, so manual task addition is no longer required. +:::note +The old algorithm is no longer supported, so manual task addition is no longer required. If an exceptional situation requres the creation of a task note that the CopyOccurence must be deleted from the code. +::: -Example + +**Example** Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md index 9fb410c086..6be73b6b15 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/index.md @@ -24,7 +24,7 @@ sidebar_position: 30 Creates for the given agent the synchronization job of all connectors present in the agent in incremental mode. -- [ Create Connectors Jobs ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md) +- [Create Connectors Jobs](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md) Creates all jobs by connector to launched task in the connector page. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md index 123031aab6..549c72eb37 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/index.md @@ -6,6 +6,6 @@ sidebar_position: 40 # Optimizations -- [ Optimize Display Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md) +- [Optimize Display Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md) Optimizes all elements found in the given displayTable. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md index e8e4279fb3..02c6114868 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/optimizations/optimizedisplaytable/index.md @@ -13,9 +13,9 @@ SQL queries used to fetch the data displayed in the corresponding table. In order to optimize the display table, this scaffolding will create the following elements if they don't exist. -- An [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)for each tile item that uses a +- An [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)for each tile item that uses a navigation binding. This will be used to hold the computed expression. -- An [ Entity Property Expression ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) to +- An [Entity Property Expression](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) to evaluate the binding expression used by the optimizable tile item. Then, the scaffolding will link the display table tile elements to the newly created scalar @@ -30,7 +30,7 @@ The following example optimized the DisplayTable `Directory_User` ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md index c5b0f3baea..b0bff9d653 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/index.md @@ -6,11 +6,11 @@ sidebar_position: 70 # Queries -- [ Target Resource Report ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md) +- [Target Resource Report](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md) Creates a ReportQuery with default Query taking all the properties of the entity. -- [ Universe Data Model ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md) +- [Universe Data Model](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md) Creates, within a universe, entity instances and association instances based on a predefined template. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md index f2ca40edf5..7b66306972 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md @@ -14,7 +14,7 @@ The entity must have a displayTable to be able to use this scaffolding. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md index bd05415696..daaa2aec89 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/universedatamodel/index.md @@ -165,7 +165,7 @@ It generates: ``` - +**** One entity instance for the entity type Directory_User: @@ -173,7 +173,7 @@ It generates: One association instance and one entity instance per navigation property: ... - +**** ``` @@ -204,7 +204,7 @@ It generates: ``` - +**** One entity instance for the entity type Directory_User. @@ -216,7 +216,7 @@ It generates: Same for all resource types. ... - +**** ``` @@ -268,7 +268,7 @@ It generates: ``` - +**** One entity instance for the entity type Directory_User. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md index a60d9edaf9..f453824cce 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md @@ -17,27 +17,27 @@ Gives access to shortcuts on the dashboard to access these pages. The scaffolding generates the following scaffoldings: -- [ Connector Resource Type Access Control ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md): +- [Connector Resource Type Access Control](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md): Gives the rights to create and update resource types, generate provisioning orders and fulfill from the connector screen. -- [ Job View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md): Scaffolding to generate +- [Job View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md): Scaffolding to generate a set of rights to view all JobInstances, TaskInstances and logs. -- [ ResourceTypeMappingControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md): +- [ResourceTypeMappingControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md): Generate rights to launch agent fulfillment. -- [ Role Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md): +- [Role Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md): Generates the permissions to access the configuration pages and create, update, delete the elements of the role model. -- [ RunJobRepairAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md): +- [RunJobRepairAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md): Generates the permissions to launch from UI jobs that are in state blocked after a Provisioning or a synchronization for a given profile. -- [ TaskAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md): +- [TaskAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md): Generates all rights to have the access to job administration page. ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md index 446ad09464..498cb75c2e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md @@ -13,88 +13,88 @@ administrator profile. The scaffolding generates the following scaffoldings: -- [ Access Review Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md): +- [Access Review Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/accessreviews/accessreviewadministrationaccesscontrolrules/index.md): Generates the permissions to administrate campaign creation. -- [ Assign Profile Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md): +- [Assign Profile Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/assignprofileaccesscontrolrules/index.md): Gives to a given profile the rights to create, update, delete and query any assigned profile. -- [ Basket Rules Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md): +- [Basket Rules Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/basketrulescontrolrules/index.md): Generates the permissions to execute the different requests to display the information in the rights basket. -- [ Connector Resource Type Access Control ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md): +- [Connector Resource Type Access Control](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/connectorresourcetypeaccesscontrol/index.md): Gives the rights to create and update resource types, generate provisioning orders and fulfill from the connector screen. - [Connectors Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/connectorsaccesscontrolrules/index.md): Gives the permissions to manage the connector pages. -- [ Create Connectors Jobs ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md): Creates all jobs by +- [Create Connectors Jobs](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/jobs/createconnectorsjobs/index.md): Creates all jobs by connector to launched task in the connector page. -- [ Create Resource Incremental Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md): +- [Create Resource Incremental Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/createresourceincrementalaccesscontrolrules/index.md): Generates the access control rule which gives to a profile the permission to query the resources modified incrementally -- [ Job Execution Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md): Assigns a set +- [Job Execution Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md): Assigns a set of rights to a given profile to execute any job, and view all job instances, task instances and logs. -- [ Manage Accounts ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md): -- [ Manage Setting Access Control Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md): +- [Manage Accounts](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/userinterfaces/manageaccounts/index.md): +- [Manage Setting Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/managesettingaccesscontrolrule/index.md): Generates the access control rule which gives to a profile the permission to query, create, update and delete settings from the UM_Settings table. -- [ MonitoringAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md): +- [MonitoringAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/monitoring/monitoringadministrationaccesscontrolrules/index.md): Generates the access control rule which gives to a profile the permission to query the monitoring screen. -- [ Perform Manual Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md): +- [Perform Manual Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/performmanualprovisioningaccesscontrolrules/index.md): Generates the permissions to access the manual provisioning pages for a given entity type and profile. -- [ Profile Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md): +- [Profile Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/profiles/profileadministrationaccesscontrolrules/index.md): Gives to a given profile the rights to create, update and delete profiles. -- [ ProvisioningAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md): +- [ProvisioningAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/provisioningaccesscontrolrules/index.md): Generates the execution rights for Provisioning and Fulfillment tasks for a given profile. -- [ Reconciliate Roles Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): +- [Reconciliate Roles Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): Generates the permissions to access the resource reconciliation pages for a given entity type and profile. -- [ Reconciliate Roles Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): +- [Reconciliate Roles Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reconciliaterolesaccesscontrolrules/index.md): Generates the permissions to access the role reconciliation pages for a given entity type and profile. -- [ Redundant Assignment Access Control Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md): +- [Redundant Assignment Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/redundantassignmentaccesscontrolrule/index.md): Generates the permissions to access the **Redundant Assignment** page, to analyze and remove redundant assignments. -- [ Report Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md): +- [Report Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md): Generates the permissions to access the report view. -- [ Resource Api Administration ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md): +- [Resource Api Administration](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourceapiadministration/index.md): Generates the permissions to create/update/delete/query resources from a given entity type, for a given profile. -- [ Resource Picker Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md): +- [Resource Picker Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/resourcepickercontrolrules/index.md): Creates the reading right of the resource picker. -- [ ResourceTypeMappingControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md): +- [ResourceTypeMappingControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcetypemappingcontrolrules/index.md): Generate rights to launch agent fulfillment. -- [ Review Provisioning Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md): +- [Review Provisioning Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewprovisioningaccesscontrolrules/index.md): Generates the permissions to access the provisioning review pages for a given entity type and profile. -- [ Review Roles Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md): +- [Review Roles Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/reviewrolesaccesscontrolrules/index.md): Generates the permissions to access the role review pages for a given entity type and profile. -- [ Risks Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md): -- [ Role Administration Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md): +- [Risks Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/risksadministrationaccesscontrolrules/index.md): +- [Role Administration Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/roleadministrationaccesscontrolrules/index.md): Generates the permissions to access the configuration pages and create, update, delete the elements of the role model. -- [ Role Naming Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md): +- [Role Naming Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/rolemodels/rolenamingaccesscontrolrules/index.md): Generates the permissions to configure and launch the automatic creation of roles and rules based on naming conventions. -- [ Settings Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md): +- [Settings Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/connectors/settingsaccesscontrolrules/index.md): Generates the permissions to configure the Workforce Core Solution module and connector settings. -- [ Simulation Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md): Generates the +- [Simulation Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md): Generates the permissions to configure and launch simulations. -- [ SynchronizationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md): +- [SynchronizationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/synchronizationaccesscontrolrules/index.md): Generates rights to launch synchronization task. -- [ TaskAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md): +- [TaskAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/taskadministrationaccesscontrolrules/index.md): Generates all rights to have the access to job administration page. -- [ Universe Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md): +- [Universe Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/universeaccesscontrolrules/index.md): Generates an access control rule which gives a profile the permission to access the query page and run queries. -- [ View History Resource Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md): +- [View History Resource Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewhistoryresourcetemplate/index.md): Generates an access control rule giving to the specified profile the permission to browse the resources history of the specified entity type. -- [ Workflow Configuration Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md): -- [ WorkflowFulfillmentControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md): +- [Workflow Configuration Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowconfigurationcontrolrules/index.md): +- [WorkflowFulfillmentControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/workflowfulfillmentcontrolrules/index.md): Generates the execution rights to launch Fulfillment workflow for a given profile. -- [ Workflow Overview Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md): +- [Workflow Overview Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/workflowoverviewcontrolrules/index.md): Generates the permissions to access the workflow supervision page. ## Examples diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md index a5cc66f264..a17a42189c 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md @@ -11,27 +11,27 @@ given profile. The scaffolding generates the following scaffoldings: -- [ Create Update Delete Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md): +- [Create Update Delete Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/createupdatedeleteaccesscontrolrules/index.md): Generates execution rights for the create, update, delete workflows. -- [ Create Update Delete Menus ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md): +- [Create Update Delete Menus](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeletemenus/index.md): Creates creation, update and delete menus for an entity. -- [ Create Update Delete Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md): -- [ Entity Type Display Name ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): +- [Create Update Delete Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/createupdatedeleteworkflows/index.md): +- [Entity Type Display Name](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): Computes a default value for resources' internal display names. -- [ Entity Type Display Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): +- [Entity Type Display Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): Creates a display table for the given entity. -- [ Entity Type Search Bar ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md): Creates +- [Entity Type Search Bar](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypesearchbar/index.md): Creates the search bar for the entity without criteria. -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. -- [ Workflow Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md): Creates an +- [Workflow Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md): Creates an entity that will be the source of all workflows that manipulate the given entity. ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md index 5f9f02dab2..1715bdb377 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md @@ -10,13 +10,13 @@ Creates all configuration items to add a ReportQuery for an EntityType and profi The scaffolding generates the following scaffoldings: -- [ Report Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md): +- [Report Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/reportaccesscontrolrules/index.md): Generates the permissions to access the report view. -- [ Target Resource Report ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md): Creates a ReportQuery +- [Target Resource Report](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md): Creates a ReportQuery with default Query taking all the properties of the entity. -- [ Target Resource Report Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md): +- [Target Resource Report Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md): Generates the permissions to apply a report for a profile on a given entity. -- [ Target Resource Report Menus ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md): +- [Target Resource Report Menus](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md): Creates the Item menu for the entity's report so that it is displayed in the report view. ## Properties diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/index.md index 7259fef765..fc2ec9a28d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/index.md @@ -10,48 +10,48 @@ sidebar_position: 50 Gives the permissions to manage the connector pages. -- [ Create Administrator Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) +- [Create Administrator Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createadministratorprofile/index.md) Creates the profile administrator and all default access control rules. -- [ Create Update Delete Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md) +- [Create Update Delete Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/createupdatedeletetemplate/index.md) Creates the three types of workflow for the given entity as well as the execution rights for the given profile. -- [ Entity Report Default ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md) +- [Entity Report Default](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/entityreportdefault/index.md) Creates all configuration items to add a ReportQuery for an EntityType and profile. -- [ Job Execution Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) +- [Job Execution Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md) Assigns a set of rights to a given profile to execute any job, and view all job instances, task instances and logs. -- [ Job View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) +- [Job View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md) Scaffolding to generate a set of rights to view all JobInstances, TaskInstances and logs. -- [ Simulation Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md) +- [Simulation Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md) Generates the permissions to configure and launch simulations. -- [ Update Resources Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md) -- [ View Source Resource Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewsourceresourcetemplate/index.md) +- [Update Resources Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md) +- [View Source Resource Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewsourceresourcetemplate/index.md) Creates the display table, fills in the internal display name of the entity, and gives the rights to see the permissions and sources of the entity for a given profile. -- [ View Target Resource Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md) +- [View Target Resource Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md) Creates the entity view (designElement = resourceTable), the report and the rights for a given profile. -- [ View Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md) +- [View Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md) Creates the view for the given entity as well as the rights for the given profile. -- [ View Template Adaptable ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md) +- [View Template Adaptable](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md) Implements a default display name for the resources of a given entity type, displays the resources in an adaptable table, and give the permissions to view the resources. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md index 223d4eb093..eb3ef3c148 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobexecutionaccesscontrolrules/index.md @@ -11,16 +11,16 @@ instances, task instances and logs. The scaffolding generates the following scaffoldings: -- [ Job View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md): Scaffolding to generate +- [Job View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md): Scaffolding to generate a set of rights to view all JobInstances, TaskInstances and logs. -- [ RunJobAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md): +- [RunJobAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobadministrationaccesscontrolrules/index.md): Generates the permissions to launch jobs from UI for a given profile. -- [ RunJobNotificationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md): +- [RunJobNotificationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobnotificationaccesscontrolrules/index.md): Generates access control to send notification when job finish with an error state. -- [ RunJobRepairAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md): +- [RunJobRepairAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairadministrationaccesscontrolrules/index.md): Generates the permissions to launch from UI jobs that are in state blocked after a Provisioning or a synchronization for a given profile. -- [ RunJobRepairNotificationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md): +- [RunJobRepairNotificationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/runjobrepairnotificationaccesscontrolrules/index.md): Generates access control to send notification when a relaunch job finish with an error state. ## Examples @@ -30,7 +30,7 @@ job instances, task instances and logs: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md index 6e882355ec..d8addc707a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/jobviewaccesscontrolrules/index.md @@ -11,14 +11,14 @@ Scaffolding performs a set of scaffolding rights for Jobs and Tasks. The scaffolding generates the following scaffoldings: -- [ GetJobLogAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md): +- [GetJobLogAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/getjoblogadministrationaccesscontrolrules/index.md): Generates the permissions to read task and job instances logs in UI for a given profile. -- [ JobAdministrationAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md): +- [JobAdministrationAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/jobadministrationaccesscontrolrules/index.md): Scaffolding to access the job administration page. -- [ PendingAssignedResourceTypesAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md): +- [PendingAssignedResourceTypesAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/pendingassignedresourcetypesaccesscontrolrules/index.md): Generates the access control rules which give to a profile the permissions to call the API Pending AssignedResourceTypes. -- [ ResourceChangesViewAccessControlRules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md): +- [ResourceChangesViewAccessControlRules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/jobs/resourcechangesviewaccesscontrolrules/index.md): Generates the access control rules which gives to a profile the permissions to call the API ResourceChange, ResourceFileChange and ResourceLinkChange. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md index 787422f9e2..1f50edfa1d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/simulationaccesscontrolrules/index.md @@ -14,13 +14,13 @@ this screen, simulations can be launched and results can be visualized. The scaffolding generates the following scaffoldings: - [Policy Simulation Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/policysimulationcontrolrules/index.md): -- [ Role And Simulation Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md): +- [Role And Simulation Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/simulations/roleandsimulationcontrolrules/index.md): ## Examples ``` - +**** ``` @@ -36,6 +36,6 @@ Our example generates the following configuration: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md index 2ef5e7e85d..0a59a647c4 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/updateresourcestemplate/index.md @@ -8,23 +8,23 @@ sidebar_position: 80 The scaffolding generates the following scaffoldings: -- [ Entity Type Display Name ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): +- [Entity Type Display Name](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): Computes a default value for resources' internal display names. -- [ Entity Type Display Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): +- [Entity Type Display Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): Creates a display table for the given entity. -- [ Update Resources Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md): -- [ Update Resources Menus ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md): -- [ Update Resources Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md): -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): +- [Update Resources Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/workflows/updateresourcesaccesscontrolrules/index.md): +- [Update Resources Menus](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesmenus/index.md): +- [Update Resources Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/updateresourcesworkflows/index.md): +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. -- [ Workflow Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md): Creates an +- [Workflow Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/workflows/workflowentitytype/index.md): Creates an entity that will be the source of all workflows that manipulate the given entity. ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md index 5c8e590f53..8a3cce29ac 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtargetresourcetemplate/index.md @@ -11,24 +11,24 @@ profile. The scaffolding generates the following scaffoldings: -- [ Entity Type Display Name ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): +- [Entity Type Display Name](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): Computes a default value for resources' internal display names. -- [ Entity Type Display Target Resource Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md): +- [Entity Type Display Target Resource Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytargetresourcetable/index.md): Creates a displaytable for the given entity. -- [ Target Resource Report ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md): Creates a ReportQuery +- [Target Resource Report](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/queries/targetresourcereport/index.md): Creates a ReportQuery with default Query taking all the properties of the entity. -- [ Target Resource Report Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md): +- [Target Resource Report Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/queries/targetresourcereportaccesscontrolrules/index.md): Generates the permissions to apply a report for a profile on a given entity. -- [ Target Resource Report Menus ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md): +- [Target Resource Report Menus](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/targetresourcereportmenus/index.md): Creates the Item menu for the entity's report so that it is displayed in the report view. -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md index 42c7a9ffa5..2c46fecde4 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md @@ -10,11 +10,11 @@ Creates the view for the given entity as well as the rights for the given profil The scaffolding generates the following scaffoldings: -- [ Entity Type Display Name ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): +- [Entity Type Display Name](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): Computes a default value for resources' internal display names. -- [ Entity Type Display Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): +- [Entity Type Display Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytable/index.md): Creates a display table for the given entity. -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. ## Examples @@ -25,7 +25,7 @@ The following example implements a default display name for resources from the ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md index fbf685f796..df807abdb2 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md @@ -11,11 +11,11 @@ in an adaptable table, and give the permissions to view the resources. The scaffolding generates the following scaffoldings: -- [ Entity Type Display Name ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): +- [Entity Type Display Name](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplayname/index.md): Computes a default value for resources' internal display names. -- [ Entity Type Display Table Adaptable ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md): +- [Entity Type Display Table Adaptable](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/entitytypes/entitytypes/entitytypedisplaytableadaptable/index.md): Creates an adaptable display table for a given entity type. -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md): Generates the permissions to view an entity type's resources. ## Examples @@ -26,7 +26,7 @@ the `Administrator` profile the permissions to view the resources. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md index 8af69b4aa5..970b264f5d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/index.md @@ -6,7 +6,7 @@ sidebar_position: 60 # Workforce -- [ Bootstrap Module ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/bootstrapmodule/index.md) Generates the default settings required to start +- [Bootstrap Module](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/bootstrapmodule/index.md) Generates the default settings required to start using Identity Manager and the Workforce Core Solution module.- [Workforce Module](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/workforce/workforcemodule/index.md) Generates the workforce repository based on the data filled in the Workforce Core Solution module. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md index 054e4eef20..8762b1122f 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md @@ -6,7 +6,7 @@ sidebar_position: 20 # Connection -A connection represents a link between a [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) and a connection +A connection represents a link between a [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) and a connection package. ## Examples @@ -16,7 +16,7 @@ package `Usercube.AD@0000001` with only the export task and not the fulfill task ``` - +**** ``` @@ -30,12 +30,10 @@ appsettings.agent.json "Connections": { ... "ADExportFulfillment": { - "Servers": [ - { + "Servers": [{ "Server": "contoso.server.com", "BaseDN": "DC=contoso,DC=com" - } - ], + }], "AuthType": "Basic", "Login": "Contoso", "Password": "ContOso$123456789", @@ -63,8 +61,8 @@ Details about these settings can be found in Identity Manager's ## Child Element: Transformation A connection transformation is optional, but can be needed to adjust the Excel files, output of -[ Export Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) from Excel export connections, before -[ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md). The +[Export Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) from Excel export connections, before +[Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md). The following operations are possible: - filtering out given rows; diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md index 5667bfca40..92068ac0ab 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md @@ -20,32 +20,32 @@ associations. A connector is used to synchronize each of its entities and associations in Identity Manager's physical model. A connector is defined with: -- [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md); -- [ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md); -- [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and - [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) to link the entity types and +- [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md); +- [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md); +- [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) and + [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) to link the entity types and associations to the corresponding files and columns containing the exported data from the managed system. ## Examples The following example creates a `HR` connector on the agent called `Local` previously declared by an -[ Agent ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) element. +[Agent](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) element. -We create the right [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) to use the connector as a -[ CSV ](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/index.md)aiming to export HR CSV files into +We create the right [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) to use the connector as a +[CSV](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/csv/index.md)aiming to export HR CSV files into new CSV files in Identity Manager's format. -The [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) model the resources as `HR_Person` or +The [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) model the resources as `HR_Person` or `HR_Organization`, defining properties. -The [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) link the entity types to the source +The [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) link the entity types to the source files. -The [ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) creates a link between the two +The [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) creates a link between the two entity types. -The [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) links the association to +The [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) links the association to the source files. ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md index 2547f5adfe..793ee654f2 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md @@ -6,10 +6,10 @@ sidebar_position: 60 # Entity Association Mapping -Contains all the [ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) that can be +Contains all the [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) that can be materialized in the Identity Manager physical model. An association mapping can be established between two properties of the same entity type mapping or between two properties of different entity -type mappings having the same connector. See the [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) topic to learn +type mappings having the same connector. See the [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) topic to learn how to configure an EntityAssociationMapping. ## Properties diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md index f9f36fb834..81ca66c7bd 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md @@ -6,15 +6,15 @@ sidebar_position: 70 # Entity Type Mapping -An entity type mapping links a given [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s +An entity type mapping links a given [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s properties with the source columns of the corresponding managed system. The entity type mapping -specifies the related [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) and the path to the CSV source file which +specifies the related [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) and the path to the CSV source file which contains, or will contain, the data exported from the managed system. Each of its Entity Type Mapping properties will define the corresponding source column and specific options. An entity type mapping shares the same identifier as its related entity type. -See the example of a whole [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) containing an entity type mapping. +See the example of a whole [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) containing an entity type mapping. ## Properties @@ -32,7 +32,7 @@ See the example of a whole [ Connector ](/docs/identitymanager/saas/integration- ## Child Element: Property -Contains all the [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties that can be +Contains all the [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties that can be synchronized into Identity Manager physical model. Each mapping share the same id as its corresponding property in the entity type. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/index.md index e23d35d542..9bc979d255 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/index.md @@ -6,11 +6,11 @@ sidebar_position: 20 # Connectors -- [ Agent ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) -- [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) -- [ Connection Table ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connectiontable/index.md) -- [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) +- [Agent](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/agent/index.md) +- [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +- [Connection Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connectiontable/index.md) +- [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) - [Resource Type Mappings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/index.md) -- [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) -- [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) -- [ Password Reset Settings ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) +- [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md) +- [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) +- [Password Reset Settings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md index a0dd817bc8..69c671cf88 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md @@ -31,7 +31,7 @@ total, at least 8 lowercase characters, 4 uppercase characters, 2 digits and 2 s ``` - +**** ``` @@ -43,7 +43,7 @@ total, at least 8 lowercase characters, 4 uppercase characters, 2 digits and 2 s ``` - +**** ``` @@ -58,7 +58,7 @@ character. ``` - +**** ``` @@ -82,4 +82,4 @@ character. | NotificationCC optional | **Type** String **Description** Email address to set as CC recipient of all password reset notifications. | | NotifiedEmailBinding optional | **Type** Int64 **Description** Binding to the email address property of the person to be notified. | | NotifiedFullNameBinding optional | **Type** Int64 **Description** Binding to the full name property of the person to be notified. | -| StrengthCheck optional | **Type** String **Description** Regular expression (regex) that generated passwords must match, when `AutoGenerate` is set to `true`. **Note:** the strength of passwords set manually by users can be configured via [ Password Tests Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md). | +| StrengthCheck optional | **Type** String **Description** Regular expression (regex) that generated passwords must match, when `AutoGenerate` is set to `true`. **Note:** the strength of passwords set manually by users can be configured via [Password Tests Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md). | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/easyvistaresourcetypemapping/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/easyvistaresourcetypemapping/index.md index 0593f1fda1..20bfb2bc05 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/easyvistaresourcetypemapping/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/easyvistaresourcetypemapping/index.md @@ -27,6 +27,6 @@ script in the command line. | Description optional | String | File path of the template used for the generation of the ticket description. | | ImpactId optional | String | [Impact](https://wiki.easyvista.com/xwiki/bin/view/Documentation/Service%20Manager%20-%20All%20Menus/References%20Tables/#impact) of the ticket. | | SeverityId optional | String | [Severity level](https://wiki.easyvista.com/xwiki/bin/view/Documentation/Service%20Manager%20-%20All%20Menus/References%20Tables/#severity-level) of the ticket. | -| TicketSynchroIsNotAvailable default value: false | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketSynchroIsNotAvailable default value: false | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | | Title optional | String | File path of the template used for the generation of the ticket title. | | UrgencyId optional | String | [Urgency level](https://wiki.easyvista.com/xwiki/bin/view/Documentation/Service%20Manager%20-%20All%20Menus/References%20Tables/#urgency-level) of the ticket. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md index 027517a66d..2ed53dad06 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/manualprovisioningresourcetypemapping/index.md @@ -22,4 +22,4 @@ script in the command line. | Property | Type | Description | | ------------------------------------ | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Connection required | String | Identifier of the corresponding connection. | -| TicketSynchroIsNotAvailable optional | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketSynchroIsNotAvailable optional | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/servicenowresourcetypemapping/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/servicenowresourcetypemapping/index.md index 8804565620..80c3aa227b 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/servicenowresourcetypemapping/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/resourcetypemappings/servicenowresourcetypemapping/index.md @@ -34,10 +34,10 @@ script in the command line. | Connection required | String | Identifier of the corresponding connection. | | DefaultObjectClass optional | String | Default object class used by the provisioner, for example person, organizationalPerson, and user, etc. Multiple default object classes are separated with
. | | PasswordResetSetting optional | String | Identifier of the corresponding password reset setting. | -| TicketAdditionalInformation optional | String | Information to add at the end of the description for all tickets created for this resource type. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketCallerId optional | String | Attribute that corresponds to the identifier of the "caller" person in ServiceNow. Required when using the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketCategory optional | String | Category in which new tickets will be created in ServiceNow for this resource type. **NOTE:** Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketImpact default value: Low | TicketImpact | Impact of the ticket in ServiceNow: Low; Medium; or High. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketSubCategory optional | String | Subcategory in which new tickets will be created in ServiceNow for this resource type. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketSynchroIsNotAvailable default value: false | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | -| TicketUrgency default value: Low | TicketUrgency | Urgency of the ticket in ServiceNow: Low; Medium; High. **NOTE:** Only used with the package for tickets. See the [ ServiceNow Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketAdditionalInformation optional | String | Information to add at the end of the description for all tickets created for this resource type. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketCallerId optional | String | Attribute that corresponds to the identifier of the "caller" person in ServiceNow. Required when using the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketCategory optional | String | Category in which new tickets will be created in ServiceNow for this resource type. **NOTE:** Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketImpact default value: Low | TicketImpact | Impact of the ticket in ServiceNow: Low; Medium; or High. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketSubCategory optional | String | Subcategory in which new tickets will be created in ServiceNow for this resource type. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketSynchroIsNotAvailable default value: false | Boolean | True to set synchronization as unavailable for this resource type. Once the ticket is closed and the resource is created, updated or deleted, then the assignment's status is directly set to Verified. Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | +| TicketUrgency default value: Low | TicketUrgency | Urgency of the ticket in ServiceNow: Low; Medium; High. **NOTE:** Only used with the package for tickets. See the [ServiceNow Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/servicenow-ticket/index.md) topic for additional information. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/index.md index 88c05b91a0..9ba21684d9 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/index.md @@ -13,16 +13,16 @@ same. ## Family Entity Listing -- [ Access Certification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/index.md) -- [ Connectors ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/index.md) -- [ Configuration ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/index.md) -- [ User Interface ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/index.md) -- [ Jobs ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/index.md) -- [ Metadata ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/index.md) -- [ Notifications ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/index.md) -- [ Provisioning ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/index.md) -- [ Reporting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/index.md) -- [ Resources ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/index.md) -- [ Access Certification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/index.md) -- [ Business Intelligence ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/index.md) -- [ Workflows ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/index.md) +- [Access Certification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/index.md) +- [Connectors](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/index.md) +- [Configuration](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/index.md) +- [User Interface](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/index.md) +- [Jobs](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/index.md) +- [Metadata](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/index.md) +- [Notifications](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/index.md) +- [Provisioning](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/index.md) +- [Reporting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/index.md) +- [Resources](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/index.md) +- [Access Certification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-certification/index.md) +- [Business Intelligence](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/index.md) +- [Workflows](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/index.md index 9bf0f0f736..ea8dc7e616 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/index.md @@ -9,7 +9,7 @@ sidebar_position: 50 A job is defined via the `Job` tag to orchestrate tasks together, in order to perform specific actions. -All [ Tasks ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) types are child elements of jobs. +All [Tasks](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) types are child elements of jobs. -- [ Job ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) -- [ Tasks ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) +- [Job](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/job/index.md) +- [Tasks](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md index 99568ffc3d..9f9dcef102 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md @@ -14,7 +14,7 @@ An activity Instance can have at most 20 actors. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md index 4981de4746..1306fb149d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md @@ -16,7 +16,7 @@ For every **EntityType**, a matching SQL view is created from the UR_Resource ta ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md index d1117febf6..dbe2b5d023 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md @@ -17,7 +17,7 @@ changes in ServiceNow. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/index.md index 99a6e267a6..287bfc5d92 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/index.md @@ -6,33 +6,33 @@ sidebar_position: 10 # Agent Tasks -- [ Activity Instance Actor Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md) +- [Activity Instance Actor Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md) Update the Actors for the workflows instances. -- [ Create Database Views Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md) +- [Create Database Views Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md) Generates entity model SQL views in the Identity Manager database. -- [ Export Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) +- [Export Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) Runs the specified connection's export. -- [ Fulfill Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md) +- [Fulfill Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md) Retrieves provisioning orders from the informed connector generated by GenerateProvisioningOrdersTask to make changes in a system. Instead of a connector it is possible to launch it with a list of TaskResourceTypes. -- [ Invoke Api Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeapitask/index.md) +- [Invoke Api Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeapitask/index.md) Tool to launch any Identity Manager API. -- [ Invoke Aspects Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeaspectstask/index.md) +- [Invoke Aspects Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeaspectstask/index.md) Call specific api in Identity Manager. -- [ Invoke Expression Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) +- [Invoke Expression Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) Launches on agent side a powershell script given as input. @@ -41,6 +41,6 @@ sidebar_position: 10 Takes as input an SQL file or an SQL command to output several CSV files that can be used by the collection. -- [ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +- [Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) Cleanses exported CSV files. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md index d40c6f5334..694920a100 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md @@ -12,7 +12,7 @@ Launches on agent side a powershell script given as input. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokesqlcommandtask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokesqlcommandtask/index.md index 5759973ca2..1c8372385a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokesqlcommandtask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokesqlcommandtask/index.md @@ -18,10 +18,13 @@ script in the command line. ``` -**NOTE:** The database Identifier attribute has a specific location where the connection strings for +:::note +The database Identifier attribute has a specific location where the connection strings for the database identifiers need to be defined. See the [appsettings.agent](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md)topic for additional information. +::: + ## Properties diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md index 5890e75cbe..8f0031cfc8 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md @@ -18,8 +18,8 @@ for additional information. The following actions are performed on the _CSV source files_: 1. Remove columns that are not used in - [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or - [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). + [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) or + [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md). 2. Remove entries that have a null primary key. 3. Remove duplicates. 4. Sort entries according to the primary key. @@ -29,8 +29,8 @@ The result of the _Prepare-Synchronization_ is stored in the as three files: - For every entity type of the relevant _Connector_ involved in an - [ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)> or an - [ Entity Association Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), a + [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)> or an + [Entity Association Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entityassociationmapping/index.md), a `.sorted.csv` file is generated, containing the final, cleansed and sorted result. - Duplicates are kept in a separate `.duplicates.csv` file. - Null primary key entries are kept in a separate `.nullpk.csv` file. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md index 614bf42cd8..d845860fab 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/index.md @@ -8,33 +8,33 @@ sidebar_position: 20 - [Agent Tasks](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/index.md) -- [ Activity Instance Actor Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md) +- [Activity Instance Actor Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/activityinstanceactortask/index.md) Update the Actors for the workflows instances. -- [ Create Database Views Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md) +- [Create Database Views Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/createdatabaseviewstask/index.md) Generates entity model SQL views in the Identity Manager database. -- [ Export Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) +- [Export Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) Runs the specified connection's export. -- [ Fulfill Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md) +- [Fulfill Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/fulfilltask/index.md) Retrieves provisioning orders from the informed connector generated by GenerateProvisioningOrdersTask to make changes in a system. Instead of a connector it is possible to launch it with a list of TaskResourceTypes. -- [ Invoke Api Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeapitask/index.md) +- [Invoke Api Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeapitask/index.md) Tool to launch any Identity Manager API. -- [ Invoke Aspects Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeaspectstask/index.md) +- [Invoke Aspects Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeaspectstask/index.md) Call specific api in Identity Manager. -- [ Invoke Expression Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) +- [Invoke Expression Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/invokeexpressiontask/index.md) Launches on agent side a powershell script given as input. @@ -43,37 +43,37 @@ sidebar_position: 20 Takes as input an SQL file or an SQL command to output several CSV files that can be used by the collection. -- [ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) +- [Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) Cleanses exported CSV files. -- [ Server Tasks ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md) +- [Server Tasks](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md) -- [ Build Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) +- [Build Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) Applies the role naming rules, i.e. generates single roles and navigation rules based on resources matching a given pattern. -- [ Compute Correlation Keys Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) +- [Compute Correlation Keys Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) The Compute Role Model correlation keys will pre-calculate all the keys needed by the Compute Role Model to match the resources. -- [ Compute Risk Scores Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computeriskscorestask/index.md) +- [Compute Risk Scores Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computeriskscorestask/index.md) Update risk score with the risk settings. -- [ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +- [Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) The Compute Role Model will calculate the role model of all whose EntityTypes sources are included in the list of EntityTypes given in the start of this job. -- [ Deploy Configuration Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) +- [Deploy Configuration Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) From a folder, retrieves all configuration xml files to calculate the configuration items to insert, update or delete. -- [ Fulfill Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md) +- [Fulfill Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md) Retrieves provisioning orders from the informed connector generated by GenerateProvisioningOrdersTask to make changes in a system. Instead of a connector it is @@ -84,89 +84,89 @@ sidebar_position: 20 The provisioning task will recover all resources whose provisioningState is at 1 to build a list of JSON files containing all provisioning orders. -- [ Get Role Mining Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) +- [Get Role Mining Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise. In a business setting, roles are defined according to job competency, authority and responsibility. -- [ Get Role Mining Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) -- [ Invoke Expression Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md) +- [Get Role Mining Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) +- [Invoke Expression Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md) Launches on agent side a powershell script given as input. -- [ Invoke Sql Command Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md) +- [Invoke Sql Command Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md) Takes as input an SQL file or an SQL command to output several CSV files that can be used by the collection. -- [ Maintain Indexes Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md) +- [Maintain Indexes Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md) Index maintenance and statistics update for all database tables. -- [ Manage Configuration Indexes Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/manageconfigurationindexestask/index.md) +- [Manage Configuration Indexes Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/manageconfigurationindexestask/index.md) Manage indexes for items from configuration. -- [ Process Access Certification Items Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/processaccesscertificationitemstask/index.md) +- [Process Access Certification Items Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/processaccesscertificationitemstask/index.md) Process decisions on access certification items. -- [ Reset Valid From Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md) +- [Reset Valid From Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md) Initialize historization tables by setting each entity's first record `ValidFrom` value to 0001-01-01 00:00:00.00. -- [ Save Pre-Existing Access Rights Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) +- [Save Pre-Existing Access Rights Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) During an initial installation of Identity Manager, data normally provided by Identity Manager or through a derogation in the User Interface is already present in the application system. -- [ Send Access Certification Notification Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendaccesscertificationnotificationtask/index.md) +- [Send Access Certification Notification Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendaccesscertificationnotificationtask/index.md) Notify assigned users having pending access certification items in campaign marked with `NotificationNeeded`. -- [ Send Notifications Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) +- [Send Notifications Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) Task that sends a notification to each configured recipient. -- [ Send Role Model Notifications Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendrolemodelnotificationstask/index.md) +- [Send Role Model Notifications Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendrolemodelnotificationstask/index.md) Task that sends a notification to all users who have pending roles to review, only for roles with a simple approval workflow, i.e. pending the validation 1 out of 1. -- [ Set Access Certification Reviewer Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md) +- [Set Access Certification Reviewer Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md) Assign access certification items to users according to their profiles and the access control rules. -- [ Set Internal User Profiles Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +- [Set Internal User Profiles Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) Will execute the profile rules of the different resource types given in parameters to create, modify or delete profiles in automatic mode. -- [ Set Recently Modified Flag Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) +- [Set Recently Modified Flag Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) When synchronizing in full or incremental mode, it is possible to optimize the compute performance of the role model by taking into account only the changes made by the synchronization. -- [ Synchronize Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) +- [Synchronize Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) Retrieves the files generated by the prepare-synchronization task to insert the data into the Identity Manager database. -- [ Update Access Certification Campaign Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md) +- [Update Access Certification Campaign Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md) Starts or stops the access certification campaigns according to their `StartDate` and `EndDate`. -- [ Update Classification Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) +- [Update Classification Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) Classifies a list of resources that are part of the resourceType data targets as an argument to this job. -- [ Update Entity Property Expressions Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) +- [Update Entity Property Expressions Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) Calculates either for all entities or for a list of entities the expressions and inserts the values in the database. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md index 922e5ad180..1ce7d017e4 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md @@ -6,8 +6,8 @@ sidebar_position: 10 # Build Role Model Task -Applies the [ Role Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md), also named -[ Create Roles in Bulk ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md), +Applies the [Role Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md), also named +[Create Roles in Bulk](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md), i.e. generates single roles and navigation rules based on resources matching a given pattern. > For example, this task can transform AD groups with a special naming convention into roles. @@ -18,7 +18,7 @@ The following example applies all role naming rules linked to the AD connector. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md index bf07194e52..c29b3827fe 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md @@ -13,7 +13,7 @@ Model to match the resources. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md index 53ba20fffd..3beaae538d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md @@ -13,7 +13,7 @@ update or delete. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md index 58cfe3cecd..e1f90a32a7 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md @@ -17,7 +17,7 @@ changes in ServiceNow. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md index 9dcd8ed574..033755aacc 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md @@ -19,7 +19,7 @@ SingleRoles and CompositesRoles and set it up in the system. ``` - +** ** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md index 13a9974dd7..5e7fc5672b 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/index.md @@ -6,31 +6,31 @@ sidebar_position: 20 # Server Tasks -- [ Build Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) +- [Build Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) Applies the role naming rules, i.e. generates single roles and navigation rules based on resources matching a given pattern. -- [ Compute Correlation Keys Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) +- [Compute Correlation Keys Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) The Compute Role Model correlation keys will pre-calculate all the keys needed by the Compute Role Model to match the resources. -- [ Compute Risk Scores Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computeriskscorestask/index.md) +- [Compute Risk Scores Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computeriskscorestask/index.md) Update risk score with the risk settings. -- [ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +- [Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) The Compute Role Model will calculate the role model of all whose EntityTypes sources are included in the list of EntityTypes given in the start of this job. -- [ Deploy Configuration Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) +- [Deploy Configuration Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/deployconfigurationtask/index.md) From a folder, retrieves all configuration xml files to calculate the configuration items to insert, update or delete. -- [ Fulfill Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md) +- [Fulfill Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/fulfilltask/index.md) Retrieves provisioning orders from the informed connector generated by GenerateProvisioningOrdersTask to make changes in a system. Instead of a connector it is @@ -41,88 +41,88 @@ sidebar_position: 20 The provisioning task will recover all resources whose provisioningState is at 1 to build a list of JSON files containing all provisioning orders. -- [ Get Role Mining Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) +- [Get Role Mining Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md) Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise. In a business setting, roles are defined according to job competency, authority and responsibility. -- [ Invoke Expression Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md) +- [Invoke Expression Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md) Launches on agent side a powershell script given as input. -- [ Invoke Sql Command Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md) +- [Invoke Sql Command Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokesqlcommandtask/index.md) Takes as input an SQL file or an SQL command to output several CSV files that can be used by the collection. -- [ Maintain Indexes Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md) +- [Maintain Indexes Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md) Index maintenance and statistics update for all database tables. -- [ Manage Configuration Indexes Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/manageconfigurationindexestask/index.md) +- [Manage Configuration Indexes Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/manageconfigurationindexestask/index.md) Manage indexes for items from configuration. -- [ Process Access Certification Items Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/processaccesscertificationitemstask/index.md) +- [Process Access Certification Items Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/processaccesscertificationitemstask/index.md) Process decisions on access certification items. -- [ Reset Valid From Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md) +- [Reset Valid From Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md) Initialize historization tables by setting each entity's first record `ValidFrom` value to 0001-01-01 00:00:00.00. -- [ Save Pre-Existing Access Rights Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) +- [Save Pre-Existing Access Rights Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) During an initial installation of Identity Manager, data normally provided by Identity Manager or through a derogation in the User Interface is already present in the application system. -- [ Send Access Certification Notification Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendaccesscertificationnotificationtask/index.md) +- [Send Access Certification Notification Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendaccesscertificationnotificationtask/index.md) Notify assigned users having pending access certification items in campaign marked with `NotificationNeeded`. -- [ Send Notifications Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) +- [Send Notifications Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) Task that sends a notification to each configured recipient. -- [ Send Role Model Notifications Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendrolemodelnotificationstask/index.md) +- [Send Role Model Notifications Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendrolemodelnotificationstask/index.md) Task that sends a notification to all users who have pending roles to review, only for roles with a simple approval workflow, i.e. pending the validation 1 out of 1. -- [ Set Access Certification Reviewer Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md) +- [Set Access Certification Reviewer Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md) Assign access certification items to users according to their profiles and the access control rules. -- [ Set Internal User Profiles Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) +- [Set Internal User Profiles Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md) Will execute the profile rules of the different resource types given in parameters to create, modify or delete profiles in automatic mode. -- [ Set Recently Modified Flag Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) +- [Set Recently Modified Flag Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md) When synchronizing in full or incremental mode, it is possible to optimize the compute performance of the role model by taking into account only the changes made by the synchronization. -- [ Synchronize Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) +- [Synchronize Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md) Retrieves the files generated by the prepare-synchronization task to insert the data into the Identity Manager database. -- [ Update Access Certification Campaign Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md) +- [Update Access Certification Campaign Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md) Starts or stops the access certification campaigns according to their `StartDate` and `EndDate`. -- [ Update Classification Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) +- [Update Classification Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md) Classifies a list of resources that are part of the resourceType data targets as an argument to this job. -- [ Update Entity Property Expressions Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) +- [Update Entity Property Expressions Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) Calculates either for all entities or for a list of entities the expressions and inserts the values in the database. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md index 5c3d1a7e58..0d55eba4d0 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/invokeexpressiontask/index.md @@ -12,7 +12,7 @@ Launches on agent side a powershell script given as input. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md index f452fdc119..696f1eda50 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/maintainindexestask/index.md @@ -12,7 +12,7 @@ Maintain indexes and update statistics for all database tables. Also cleans up d ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md index c1c2465a6b..60ceabc731 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/resetvalidfromtask/index.md @@ -13,7 +13,7 @@ Initialize historization tables by setting each entity's first record `ValidFrom ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md index 92c949940c..8ab093a230 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md @@ -23,7 +23,7 @@ the past. This update affects the following properties: ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md index 290ab30f2c..225692f403 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md @@ -7,7 +7,7 @@ sidebar_position: 170 # Send Notifications Task Task that sends all the custom notifications defined by the -[ Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notification/index.md) XML tag. +[Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notification/index.md) XML tag. ## Examples @@ -17,7 +17,7 @@ notifications concerning the `Directory_User` entity type. ``` - +** ** Knowing that we have for example: diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md index 1cde7c8745..e6618d4434 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setaccesscertificationreviewertask/index.md @@ -12,7 +12,7 @@ Assign access certification items to users according to their profiles and the a ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md index 23c435789d..bb99f4c5e2 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setinternaluserprofilestask/index.md @@ -9,7 +9,7 @@ sidebar_position: 200 Will execute the profile rules of the different resource types given in parameters to create, modify or delete profiles in automatic mode. -It is necessary to set up [ Profile Context ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md) as +It is necessary to set up [Profile Context](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilecontext/index.md) as well as [Profile Rule Context](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md) to be able to use this job. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md index 9e6d498312..0664c204ad 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/setrecentlymodifiedflagtask/index.md @@ -9,12 +9,12 @@ sidebar_position: 210 When synchronizing in full or incremental mode, it is possible to optimize the compute performance of the role model by taking into account only the changes made by the synchronization. This optimization is based on the `dirty` property of the entity -[ Resource ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/resource/index.md). The task -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) with option `dirty` set to `true` will +[Resource](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/resource/index.md). The task +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) with option `dirty` set to `true` will treat only resources marked as dirty. This task is used to set the `dirty` flag on all resources based on -[ Resources ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/index.md)Change, Resource Link Change and Resource File Change +[Resources](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/index.md)Change, Resource Link Change and Resource File Change entities. After this, it clears this changes tables. This task works correctly only if **previous synchronization tasks have not cleared the change @@ -24,7 +24,7 @@ tables** (option `DoNotDeleteChanges` set to `true`). ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md index 15d6e781d4..c55cd14175 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/synchronizetask/index.md @@ -7,20 +7,20 @@ sidebar_position: 220 # Synchronize Task Retrieves the files generated by the -[ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) to +[Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) to insert the data into the Identity Manager database. For more information on how the Synchronization works, see -[ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md). +[Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md). Collection must be done by the -[ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md). +[Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md). ## Examples ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md index b2f02e0f24..142b60bd7d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateaccesscertificationcampaigntask/index.md @@ -14,7 +14,7 @@ Filter and Access Certification Owner Filter), and fill the database with them. ``` - < +**<** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md index fdcef0d4cd..29671b7cbe 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateclassificationtask/index.md @@ -15,7 +15,7 @@ You must set up the ResourceClassificationRule on resourceTypes to be able to us ``` - +** ** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md index 2cdc9ae8be..00f5848e6c 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md @@ -13,7 +13,7 @@ in the database. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md index 33ef070fcd..7cadbf1274 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md @@ -6,7 +6,7 @@ sidebar_position: 30 # Dimension -A dimension is an [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) used to define an organizational filter +A dimension is an [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) used to define an organizational filter for the Identity Manager role model. ## Examples @@ -17,7 +17,7 @@ store the dimension value in the assignment rule tables. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md index 04c907620f..c0a87cc7ff 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md @@ -7,7 +7,7 @@ sidebar_position: 40 # Entity Association An entity association is used to model an association in Identity Manager's metadata. See the -[ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)topic for additional information on a whole +[Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)topic for additional information on a whole connector with its entity properties and associations. ## Examples @@ -30,7 +30,7 @@ several users, and one user to several groups. ``` - +**** ``` @@ -42,5 +42,5 @@ several users, and one user to several groups. | Identifier required | **Type** String **Description** Unique identifier of the association. It must be unique to the entity model scope. | | IsProperty1Collection default value: false | **Type** Boolean **Description** `true` to define a many-to-one association. | | IsProperty2Collection default value: false | **Type** Boolean **Description** `true` to define a one-to-many association. | -| Property1 required | **Type** Int64 **Description** Defines the first navigation property. A navigation property can be mono-valued or multi-valued (with its corresponding `IsPropertyCollection` set to `true`). Mono-valued navigation properties may be optimized (with a `TargetColumnIndex`) or not (without `TargetColumnIndex`). See more details under the TargetColumnIndex section of the [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties page. | +| Property1 required | **Type** Int64 **Description** Defines the first navigation property. A navigation property can be mono-valued or multi-valued (with its corresponding `IsPropertyCollection` set to `true`). Mono-valued navigation properties may be optimized (with a `TargetColumnIndex`) or not (without `TargetColumnIndex`). See more details under the TargetColumnIndex section of the [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) properties page. | | Property2 required | **Type** Int64 **Description** Defines the second navigation property. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md index 152ba0fbd6..f3bc368456 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md @@ -7,7 +7,7 @@ sidebar_position: 60 # Entity Type Represents a conceptual model of a business object, such as a person entity or an organization -entity. See the [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)topic for additional information +entity. See the [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md)topic for additional information on how to configure define an EntityType. ## Properties @@ -15,7 +15,7 @@ on how to configure define an EntityType. | Property | Details | | ----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | DisplayName_L1 optional | **Type** String **Description** Display name of the entity type in language 1 (up to 16). | -| Identifier required | **Type** String **Description** Unique identifier of the entity type. It must is be unique to the _entity model_ scope. Cannot be [ Reserved identifiers ](/docs/identitymanager/saas/integration-guide/toolkit/reservedidentifiers/index.md). | +| Identifier required | **Type** String **Description** Unique identifier of the entity type. It must is be unique to the _entity model_ scope. Cannot be [Reserved identifiers](/docs/identitymanager/saas/integration-guide/toolkit/reservedidentifiers/index.md). | | LicenseTag optional | **Type** String **Description** Value of the `Tag` parameter of the license key (in `appsettings.json`) linked to the entity type. All the features allowed by the license key are enabled for this entity type, otherwise only default features are available. | | TableName optional | **Type** String **Description** Represents the table name of hard coded entity types. Exclusively reserved to Identity Manager connector for Power BI. | @@ -55,7 +55,7 @@ For example, the below `Dimension1` attribute references a _Title_ entity by its ``` - +**** ``` @@ -76,7 +76,7 @@ queries directly in the database before deploying the configuration. | FlexibleComparisonExpression optional | **Type** String **Description** Expression used to transform the query input value for comparison using a flexible operator. | | GroupByProperty optional | **Type** Int64 **Description** Property used to regroup navigation resources (resources used in navigation rules) by value. When defined, the Evaluate policy will enforce that one and only one item of a group can be assigned to an identity on a given date range. **Warning:** whenever the value of this property changes for a resource used in the defined navigation rules, the server needs to be restarted in order for the changes to be taken into account. | | HistoryPrecision default value: 0 | **Type** Int32 **Description** Defines the number of minutes to wait, after a property change, before triggering the record history mechanism. | -| Identifier required | **Type** String **Description** Unique identifier of the property. It must be unique to the parent entity type scope. Cannot be a [ Reserved identifiers ](/docs/identitymanager/saas/integration-guide/toolkit/reservedidentifiers/index.md) and can only contain numbers (except the first character) and letters without accents. **Note:** cannot be "Id". | +| Identifier required | **Type** String **Description** Unique identifier of the property. It must be unique to the parent entity type scope. Cannot be a [Reserved identifiers](/docs/identitymanager/saas/integration-guide/toolkit/reservedidentifiers/index.md) and can only contain numbers (except the first character) and letters without accents. **Note:** cannot be "Id". | | IsKey default value: false | **Type** Boolean **Description** `true` if the property is designated to be one of the keys that uniquely identify any resource from the entity type in the configuration. Each entity type must have at least one key. **Note:** AD synchronization requires the `dn` property to have either `IsKey` or `EntityTypeMapping` > `Property` > `IsUniqueKey` set to `true` (key property in the UI). | | Language optional | **Type** Int64 **Description** Language associated to the property if it is localized (optional). | | NeutralProperty optional | **Type** Int64 **Description** Neutral property associated to the property if it is localized (optional). | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/index.md index 0cd0afe438..d6fed71e43 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/index.md @@ -6,11 +6,11 @@ sidebar_position: 60 # Metadata -- [ Access Control Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/accesscontrolentitytype/index.md) -- [ Binding ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) -- [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) -- [ Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) -- [ Entity Property Expression ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) -- [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) -- [ Language ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md) -- [ Settings ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/index.md) +- [Access Control Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/accesscontrolentitytype/index.md) +- [Binding](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) +- [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) +- [Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entityassociation/index.md) +- [Entity Property Expression](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitypropertyexpression/index.md) +- [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) +- [Language](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md) +- [Settings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md index 1db2b6db37..fb26e8816b 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/language/index.md @@ -14,7 +14,7 @@ The following example declares a new language. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md index dff286a9bd..ee0ae469d0 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md @@ -12,7 +12,7 @@ Used to track the current configuration version. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/index.md index 65352bc8fa..943c0bb4b5 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/index.md @@ -10,35 +10,35 @@ sidebar_position: 80 This setting is used to customize the application display. -- [ Configuration Version Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md) +- [Configuration Version Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/configurationversionsetting/index.md) Used to track the current configuration version. -- [ Custom Link 1 Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/customlink1setting/index.md) +- [Custom Link 1 Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/customlink1setting/index.md) Used to display a given static HTML file to a custom URL address. -- [ Custom Link 2 Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/customlink2setting/index.md) +- [Custom Link 2 Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/customlink2setting/index.md) Used to display a given static HTML file to a custom URL address. -- [ Dashboard Item Number Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/dashboarditemnumbersetting/index.md) +- [Dashboard Item Number Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/dashboarditemnumbersetting/index.md) Used to customize the number of links to display on each section on the Dashboard. If no value is defined, the default value is 3. The value must be greater than 0 and less than or equal to 5. -- [ Mail Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md) -- [ Password Generation Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/passwordgenerationsetting/index.md) -- [ Password Tests Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md) +- [Mail Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md) +- [Password Generation Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/passwordgenerationsetting/index.md) +- [Password Tests Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md) This setting enables a check on the passwords set manually by users. -- [ Scheduling Clean Database Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/schedulingcleandatabasesetting/index.md) +- [Scheduling Clean Database Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/schedulingcleandatabasesetting/index.md) If the default value for the Task CleanDataBase needs to be overridden. -- [ Select All Performed by Association Query Handler Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md) +- [Select All Performed by Association Query Handler Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md) This setting enables task delegation to a group of people. @@ -46,6 +46,6 @@ sidebar_position: 80 This setting is used to filter the entity type used by authentication mechanism. -- [ Select User by Identity Query Handler Setting ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md) +- [Select User by Identity Query Handler Setting](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectuserbyidentityqueryhandlersetting/index.md) This attribute matches an end-user with a resource from the unified resource repository. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md index 29d57f8972..0fffce5572 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/mailsetting/index.md @@ -13,7 +13,7 @@ the email addresses contained by the `Email` property. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md index bf36bf3834..eb105a0226 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/passwordtestssetting/index.md @@ -9,7 +9,7 @@ sidebar_position: 80 This setting enables a check on the passwords set manually by users. The strength of passwords generated by Identity Manager can be configured via -[ Password Reset Settings ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) StrengthCheck. +[Password Reset Settings](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/passwordresetsettings/index.md) StrengthCheck. ## Examples @@ -18,7 +18,7 @@ including at least one digit, one lowercase letter, one uppercase and one specia ``` - +**** ``` @@ -27,4 +27,17 @@ including at least one digit, one lowercase letter, one uppercase and one specia | Property | Details | | --------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Identifier default value: PasswordTests | **Type** String **Description** Unique identifier of the setting. | -| PasswordRegex optional | **Type** String **Description** Regular expression(s) (regex) that users' passwords must match to be acceptable when set manually. When setting several regex, passwords must match all of them to be considered strong, and 70% to be considered average. Below that, a password is considered weak and cannot be confirmed. **Default value:**`'^..*$', '^...*$', '^....*$', '^.....*$', '^......*$', '^.......*$', '^........*$', '^.........*$', '^..........*$', '^.*[0-9].*$', '^.*[a-z].*$', '^.*[A-Z].*$', '^.*[^A-Za-z0-9].*$'` | +| PasswordRegex optional | **Type** String **Description** Regular expression(s) (regex) that users' passwords must match to be acceptable when set manually. When setting several regex, passwords must match all of them to be considered strong, and 70% to be considered average. Below that, a password is considered weak and cannot be confirmed. **Default value:**`'^..* +, '^...* +, '^....* +, '^.....* +, '^......* +, '^.......* +, '^........* +, '^.........* +, '^..........* +, '^.*[0-9].* +, '^.*[a-z].* +, '^.*[A-Z].* +, '^.*[^A-Za-z0-9].* +` | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md index 40d96d3079..5f1c5bfb3a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/settings/selectallperformedbyassociationqueryhandlersetting/index.md @@ -12,7 +12,7 @@ This setting enables task delegation to a group of people. ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/index.md index 11dfadd73d..787dd29c49 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/index.md @@ -6,6 +6,6 @@ sidebar_position: 70 # Notifications -- [ Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notification/index.md) -- [ Notifications (Typed) ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md) +- [Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notification/index.md) +- [Notifications (Typed)](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md) - [Notification Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notification/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notification/index.md index 112dbdcf81..10553baf8d 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notification/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notification/index.md @@ -7,7 +7,7 @@ sidebar_position: 10 # Notification A notification can be configured to be sent to a given user on a regular basis at specified times, -through the [ Send Notifications Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) as +through the [Send Notifications Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/sendnotificationstask/index.md) as part of a job. ## Examples diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md index 8355779d9e..540ee10f5b 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/index.md @@ -6,15 +6,15 @@ sidebar_position: 20 # Notifications (Typed) -- [ Access Certification Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/accesscertificationnotification/index.md) +- [Access Certification Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/accesscertificationnotification/index.md) Reminder notification concerning access certification. -- [ Manual Provisioning Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/manualprovisioningnotification/index.md) +- [Manual Provisioning Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/manualprovisioningnotification/index.md) Reminder notification concerning manual provisioning. -- [ Provisioning Review Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/provisioningreviewnotification/index.md) +- [Provisioning Review Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/provisioningreviewnotification/index.md) Reminder notification concerning provisioning review. @@ -22,6 +22,6 @@ sidebar_position: 20 Reminder notification concerning role model tasks. -- [ Role Review Notification ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/rolereviewnotification/index.md) +- [Role Review Notification](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notifications/rolereviewnotification/index.md) Reminder notification concerning role review. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md index 1cbbdb93c1..fc36f17a98 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/notifications/notificationtemplate/index.md @@ -14,7 +14,7 @@ Identity Manager natively sends notifications for usual cases. These native notifications are based on cshtml templates available inside the `Runtime` folder. If the provided templates do not meet your exact needs, then they can be replaced by personalized notification templates. See the -[ Native Notifications ](/docs/identitymanager/saas/integration-guide/notifications/native/index.md)topic for additional information. +[Native Notifications](/docs/identitymanager/saas/integration-guide/notifications/native/index.md)topic for additional information. ## Examples diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md index f2726967d5..1b50aacfc5 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md @@ -41,7 +41,10 @@ There are distinct types of automation rules: `PolicyAutomationRule` is equivalent to `AutomationRule` with its `Type` set to `Policy`, and requires specifying the `Policy` and `EntityType` properties. -_Remember,_ Netwrix recommends always using the typed syntax. +:::tip +Remember, Netwrix recommends always using the typed syntax. +::: + For example, you should always use `SingleRoleAutomationRule`, rather than `AutomationRule` with `Type` set to `CompositeRole`. @@ -103,4 +106,4 @@ script in the command line. | ResourceType optional | Int64 | Identifier of the resource type targeted by the rule. | | SingleRole optional | Int64 | Identifier of the single role targeted by the rule. | | Type required | AutomationRuleType | Object type targeted by the rule. 0 - CompositeRole. 1 - SingleRole. 2 - ResourceType. 4 - Category. 5 - Policy. | -| WorkflowState default value: 0 | WorkflowState | Workflow state of the assignments targeted by the rule. `0` - **None**: used for Identity Manager's internal computation. `1` - **Non-conforming**: the assignment is not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) `3` - **Pre-existing**: the assignment is not supported by a rule, and it existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) `4` - **Requested**: the assignment is requested via a workflow, but not yet added. **NOTE:** Usually displayed in workflows' summaries. ![Workflow State: Pending Approval - Requested](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/4_requested_v603.webp) `5` - **Calculated - Missing Parameters**: the assignment was done by a rule which does not specify at least one required parameter for the role. ![Workflow State: Calculated - Missing Parameters](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/5_calculatedmissingparameters_v603.webp) `8` - **Pending Approval**: the assignment must be reviewed manually by a knowledgeable user. ![Workflow State: Pending Approval](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/8_pendingapproval_v603.webp) `9` - **Pending Approval 1 of 2**: the assignment is pending the first approval on a two-step workflow. `10` - **Pending Approval 2 of 2**: the assignment is pending the second approval on a two-step workflow. `11` - **Pending Approval 1 of 3**: the assignment is pending the first approval on a three-step workflow. `12` - **Pending Approval 2 of 3**: the assignment is pending the second approval on a three-step workflow. `13` - **Pending Approval 3 of 3**: the assignment is pending the third approval on a three-step workflow. `16` - **Approved**: the assignment has completed all approval steps. ![Workflow State: Approved](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `17` - **Declined**: the assignment is explicitly declined during one of the approval steps. ![Workflow State: Declined](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/17_declined_v603.webp) `18` - **Calculated**: the assignment is given by one of Identity Manager's rules. ![Workflow State: Calculated](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/18_calculated_v603.webp) `19` - **Inactive**: the assignment has expired and is not yet removed. Does not appear in the UI. `20` - **Cancellation**: the assignment is inferred by a role that was declined. See the [ Reconcile a Property ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. ![Workflow State: Cancellation](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/20_cancellation_v603.webp) `21` - **Suggested**: the assignment comes from a rule of type `Suggested` and appears among suggested permissions in the owner's permission basket. See the [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Suggested](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/21_suggested_v603.webp) `22` - **Suggested**: the assignment comes from a rule of type `Automatic but with Validation` and appears among suggested permissions for a pre-existing user. See the [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. _Remember,_ the states `21` and `22` are both displayed in the UI as **Suggested** but they do not mean the exact same thing. `23` - **Automatic but with Validation**: the assignment comes from a rule of type `Automatic but with Validation` and appears in a new user's permission basket. See the [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. `24` - **Approved - Questioned**: the assignment was approved manually, then a change has been made in the assignment's source data via one of Identity Manager's workflows that should change the assignment but the manual approval is authoritative. See the [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. ![Workflow State: Approved - Questioned](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/24_approvedquestioned_v603.webp) `25` - **Pending Approval - Risk**: the assignment must be reviewed due to a risk. ![Workflow State: Pending Approval (Risk)](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/25_pendingapprovalrisk_v603.webp) `26` - **Blocked**: the assignment is blocked due to a risk of type `Blocking`. Does not appear in the UI. `27` - **Prolonged**: the assignment has expired but it was set with a grace period. See the [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Prolonged](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/27_prolonged_v603.webp) `116` - **Approved - Risk**: the assignment is approved despite a risk. ![Workflow State: Approved (Risk)](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `118` - **Given by a Role**: the assignment comes from the assignment of a role. For example, when a user is assigned a SAP entitlement without having a SAP account, the account is created automatically with this state. ![Workflow State: Given by a Role](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/118_givenbyarole_v603.webp) **Found** - Will match assignments not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) **Historic** - Will match assignments not supported by a rule, which existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) | +| WorkflowState default value: 0 | WorkflowState | Workflow state of the assignments targeted by the rule. `0` - **None**: used for Identity Manager's internal computation. `1` - **Non-conforming**: the assignment is not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) `3` - **Pre-existing**: the assignment is not supported by a rule, and it existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) `4` - **Requested**: the assignment is requested via a workflow, but not yet added. **NOTE:** Usually displayed in workflows' summaries. ![Workflow State: Pending Approval - Requested](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/4_requested_v603.webp) `5` - **Calculated - Missing Parameters**: the assignment was done by a rule which does not specify at least one required parameter for the role. ![Workflow State: Calculated - Missing Parameters](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/5_calculatedmissingparameters_v603.webp) `8` - **Pending Approval**: the assignment must be reviewed manually by a knowledgeable user. ![Workflow State: Pending Approval](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/8_pendingapproval_v603.webp) `9` - **Pending Approval 1 of 2**: the assignment is pending the first approval on a two-step workflow. `10` - **Pending Approval 2 of 2**: the assignment is pending the second approval on a two-step workflow. `11` - **Pending Approval 1 of 3**: the assignment is pending the first approval on a three-step workflow. `12` - **Pending Approval 2 of 3**: the assignment is pending the second approval on a three-step workflow. `13` - **Pending Approval 3 of 3**: the assignment is pending the third approval on a three-step workflow. `16` - **Approved**: the assignment has completed all approval steps. ![Workflow State: Approved](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `17` - **Declined**: the assignment is explicitly declined during one of the approval steps. ![Workflow State: Declined](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/17_declined_v603.webp) `18` - **Calculated**: the assignment is given by one of Identity Manager's rules. ![Workflow State: Calculated](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/18_calculated_v603.webp) `19` - **Inactive**: the assignment has expired and is not yet removed. Does not appear in the UI. `20` - **Cancellation**: the assignment is inferred by a role that was declined. See the [Reconcile a Property](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. ![Workflow State: Cancellation](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/20_cancellation_v603.webp) `21` - **Suggested**: the assignment comes from a rule of type `Suggested` and appears among suggested permissions in the owner's permission basket. See the [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Suggested](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/21_suggested_v603.webp) `22` - **Suggested**: the assignment comes from a rule of type `Automatic but with Validation` and appears among suggested permissions for a pre-existing user. See the [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. _Remember,_ the states `21` and `22` are both displayed in the UI as **Suggested** but they do not mean the exact same thing. `23` - **Automatic but with Validation**: the assignment comes from a rule of type `Automatic but with Validation` and appears in a new user's permission basket. See the [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. `24` - **Approved - Questioned**: the assignment was approved manually, then a change has been made in the assignment's source data via one of Identity Manager's workflows that should change the assignment but the manual approval is authoritative. See the [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. ![Workflow State: Approved - Questioned](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/24_approvedquestioned_v603.webp) `25` - **Pending Approval - Risk**: the assignment must be reviewed due to a risk. ![Workflow State: Pending Approval (Risk)](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/25_pendingapprovalrisk_v603.webp) `26` - **Blocked**: the assignment is blocked due to a risk of type `Blocking`. Does not appear in the UI. `27` - **Prolonged**: the assignment has expired but it was set with a grace period. See the [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) topic for additional information. ![Workflow State: Prolonged](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/27_prolonged_v603.webp) `116` - **Approved - Risk**: the assignment is approved despite a risk. ![Workflow State: Approved (Risk)](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/16_approved_v603.webp) `118` - **Given by a Role**: the assignment comes from the assignment of a role. For example, when a user is assigned a SAP entitlement without having a SAP account, the account is created automatically with this state. ![Workflow State: Given by a Role](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/118_givenbyarole_v603.webp) **Found** - Will match assignments not supported by a rule. ![Workflow State: Non-conforming](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/1_nonconforming_v603.webp) **Historic** - Will match assignments not supported by a rule, which existed before the production launch. ![Workflow State: Pre-existing](/img/product_docs/identitymanager/saas/integration-guide/role-assignment/evaluate-policy/3_preexisting_v603.webp) | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md index 0d61464d9f..e6ffce6c25 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md @@ -31,7 +31,7 @@ script in the command line. ``` -     +**** ``` @@ -56,5 +56,5 @@ script in the command line. | MaxDuration optional | Int32 | Duration (in minutes) after which the role will be automatically revoked, if no earlier end date is specified. It impacts only the roles which are manually assigned after the maximum duration is set. Pre-assigned roles are not impacted. If no duration is set on the role, the `MaxDuration` of the associated policy is applied. If the `MaxDuration` is set to 0 on the role, it prevents the associated policy from applying its `MaxDuration` to it. | | Policy required | Int64 | Identifier of the policy that the role is part of. | | ProlongationWithoutApproval default value: 0 | ProlongationWithoutApproval | Indicates whether the role can be extended without any validation. `0` - Inherited: gets the value from the policy. `1` - Enabled. `2` - Disabled. | -| R0 default value: false | Boolean | `true` to set the dimension 0 (up to 3V following the [ Base32 Parameter Names ](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)) as a required parameter when assigning the role. | +| R0 default value: false | Boolean | `true` to set the dimension 0 (up to 3V following the [Base32 Parameter Names](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)) as a required parameter when assigning the role. | | Tags optional | String | Tags of the roles targeted by the campaign filter. The tag separator is ¤. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/context/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/context/index.md index 63fa9a2de7..28c4bf8914 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/context/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/context/index.md @@ -14,7 +14,7 @@ Contexts define the resources' scopes of responsibility. They are used during pr simplify the application of the role model's rules based on dimensions. See the -[ Identity Lifecycle: Joiners, Movers and Leavers ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/index.md) +[Identity Lifecycle: Joiners, Movers and Leavers](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/index.md) for additional information about context generation. ## Properties diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md index 8301de915f..b95161c71f 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md @@ -19,10 +19,10 @@ Without a context rule, automatic entitlements (assigned via the role model's ru deletion. See the -[ Identity Lifecycle: Joiners, Movers and Leavers ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/index.md) +[Identity Lifecycle: Joiners, Movers and Leavers](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/index.md) for additional information about context generation. -A context rule can be configured with [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) in situations +A context rule can be configured with [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) in situations where a user needs to be modeled by several contexts over time or simultaneously. Without record sections, a context rule can generate only one context per user. This means that @@ -100,7 +100,7 @@ user to be the maximum value of all their risk scores. ### Role mining Context rules also contain some parameters for -[ Perform Role Mining ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md). +[Perform Role Mining](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md). Users are distributed in a hypercube made of all dimensions, like in the following table (left) when we have only 2 dimensions, where for example `1`, `2`, `3`, etc. are users' possible locations, and @@ -168,16 +168,22 @@ The following example includes in certification campaigns only the resources tha ``` -**Note:** must be configured together with the other `ResourceCertificationComparison` properties. +:::note +must be configured together with the other `ResourceCertificationComparison` properties. +::: -**Note:** when not specified, certification items are defined by `ResourcesStartBinding` and + +:::note +when not specified, certification items are defined by `ResourcesStartBinding` and `ResourcesStartBinding`. +::: + ## Properties | Property | Details | | ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| B0 optional | **Type** Int64 **Description** Binding of the dimension 0 (up to 3V in [ Base32 Parameter Names ](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)). The dimension can then be used in rules to filter the rules' targets. | +| B0 optional | **Type** Int64 **Description** Binding of the dimension 0 (up to 3V in [Base32 Parameter Names](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)). The dimension can then be used in rules to filter the rules' targets. | | DisplayName_L1 required | **Type** String **Description** Display name of the context rule in language 1 (up to 16). | | ExcludeExpression optional | **Type** String **Description** C# expression that defines the resources to exclude from context generation, because they should not be part of the role model and provisioning calculations. See the [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) topic for additional information. | | Identifier required | **Type** String **Description** Unique identifier of the context rule. | @@ -188,10 +194,10 @@ The following example includes in certification campaigns only the resources tha | ResourceCertificationComparisonOperator optional | **Type** QueryComparisonOperator **Description** Operator of the comparison that specifies the resources to include in the related certification campaigns. **Note:** must be configured together with the other `ResourceCertificationComparison...` properties. **Note:** when not specified, certification items are defined by `ResourcesStartBinding` and `ResourcesStartBinding`. And when they are not specified either, there is no filtering, so all valid resources (those with `ValidTo` later than today's date) are included. | | ResourceCertificationComparisonValue optional | **Type** String **Description** Value to be compared to the value of `ResourcesCertificationComparisonBinding` in order to specify the resources to include in the related certification campaigns. **Note:** must be configured together with the other `ResourceCertificationComparison...` properties. **Note:** when not specified, certification items are defined by `ResourcesStartBinding` and `ResourcesStartBinding`. And when they are not specified either, there is no filtering, so all valid resources (those with `ValidTo` later than today's date) are included. | | ResourcesBinding optional | **Type** Int64 **Description** Binding that represents the entity type of the contexts to be created from the `SourceEntityType`. It can also be defined via `ResourcesExpression`. | -| ResourcesEndBinding optional | **Type** Int64 **Description** Binding of the date property among those from `ResourcesBinding` which specifies the end of validity for all [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesEndExpression`. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | -| ResourcesEndExpression optional | **Type** String **Description** Expression based on the `ResourcesBinding` entity type that defines the end of validity for all [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesEndBinding`. See the [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) topic for additional information. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | +| ResourcesEndBinding optional | **Type** Int64 **Description** Binding of the date property among those from `ResourcesBinding` which specifies the end of validity for all [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesEndExpression`. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | +| ResourcesEndExpression optional | **Type** String **Description** Expression based on the `ResourcesBinding` entity type that defines the end of validity for all [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesEndBinding`. See the [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) topic for additional information. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | | ResourcesExpression optional | **Type** String **Description** Expression based on `SourceEntityType` that defines the entity type of the contexts to be created. It can also be defined via `ResourcesBinding`. See the [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) topic for additional information. | -| ResourcesStartBinding optional | **Type** Int64 **Description** Binding of the date property among those from `ResourcesBinding` which specifies the beginning of validity for all [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesStartExpression`. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | -| ResourcesStartExpression optional | **Type** String **Description** Expression based on the `ResourcesBinding` entity type that defines the beginning of validity for all [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesStartBinding`. See the [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) topic for additional information. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | +| ResourcesStartBinding optional | **Type** Int64 **Description** Binding of the date property among those from `ResourcesBinding` which specifies the beginning of validity for all [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesStartExpression`. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | +| ResourcesStartExpression optional | **Type** String **Description** Expression based on the `ResourcesBinding` entity type that defines the beginning of validity for all [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) properties of the context. It can also be defined via `ResourcesStartBinding`. See the [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) topic for additional information. **Note:** a context rule's start and end dates are ignored when the related identities are also configured with [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md). | | RiskFactorType optional | **Type** RiskFactorType **Description** Operator used to aggregate a user's risk scores together to compute the user's global risk score. `0` - **None**. `1` - **Max**: a user's final risk score is the maximum value among all their risk scores. `2` - **Average**: a user's final risk score is the average value of all their risk scores. | | SourceEntityType required | **Type** Int64 **Description** Identifier of the entity type of the parent resource. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/index.md index 08b8f6c4a6..f6877f1fdb 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/index.md @@ -11,19 +11,19 @@ removing user permissions to systems, applications and databases based on the se - [Automation Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md) - Bulk Change -- [ Category ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) -- [ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) +- [Category](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) +- [Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) - [Composite Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md) -- [ Context ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/context/index.md) -- [ Context Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) -- [ Indirect Resource Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/indirectresourcerule/index.md) -- [ Mining Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) +- [Context](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/context/index.md) +- [Context Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) +- [Indirect Resource Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/indirectresourcerule/index.md) +- [Mining Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) - [Policy](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md) -- [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) -- [ Resource Classification Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) -- [ Resource Correlation Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +- [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) +- [Resource Classification Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) +- [Resource Correlation Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) - [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) -- [ Risk ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) -- [ Role Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) -- [ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) +- [Risk](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) +- [Role Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) +- [Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) - [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md index 0d10c5826c..8cef0f6414 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md @@ -9,9 +9,9 @@ sidebar_position: 80 After roles are assigned to users, Identity Manager can use mining rules to perform role mining. Role mining means that Identity Manager analyzes existing assignments in order to suggest [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) which will assign -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) to certain users matching given criteria. +[Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) to certain users matching given criteria. -The [ Build Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) replaces the +The [Build Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/buildrolemodeltask/index.md) replaces the existing single role rules in the specified rule policy with the new generated ones. ## Examples diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md index d0d945cf24..5f8905350b 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md @@ -22,8 +22,8 @@ script in the command line. All `ResourceType`, `SingleRole`, `CompositeRole` and `Category` must belong to a Policy. This is done by specifying the `Policy` attribute. See the [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md), -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md), [ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) and -[ Category ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) topics for additional information. +[Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md), [Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) and +[Category](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) topics for additional information. ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md index 4ae5fd3274..441f318c6e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md @@ -18,12 +18,12 @@ by more than one context over time, even simultaneously. This means that users c one contract, or position, at a time, and that data changes can be anticipated. See the -[ Position Change via Records ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md)for +[Position Change via Records](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md)for additional information on identity modeling. **Configuration recommendations:** -As record sections cannot be configured without a [ Context Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md), Netwrix +As record sections cannot be configured without a [Context Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md), Netwrix Identity Manager (formerly Usercube) recommends starting with the configuration of the context rule before configuring record sections. @@ -97,7 +97,7 @@ positions. The following example uses the contract start/end dates as default boundaries in users' validity period, instead of those from the default section. See the -[ Onboarding and Offboarding ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md) +[Onboarding and Offboarding](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/on-offboarding/index.md) topic for additional information. It may be because, for example, HR services do not enter an end date for the personal data of users on permanent contracts. So we prefer to use the start and end dates of their contracts. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md index a5e7bd6d44..5dcdecbe07 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md @@ -7,7 +7,7 @@ sidebar_position: 120 # Resource Correlation Rule A correlation rule is used to correlate the resources, i.e. link resources to their owners. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. ## Examples @@ -18,7 +18,7 @@ The following example creates an Active Directory correlation rule based on the ``` - +**** ``` diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md index 6e3922bffc..782421c078 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md @@ -32,7 +32,7 @@ available for one type of action. As the configuration JSON file of an InternalW cannot contain expressions, a resource type can be configured with the ArgumentsExpression attribute to explicit the arguments of provisioning orders, based on conditions and variables. See the [InternalWorkflow](/docs/identitymanager/saas/integration-guide/connectors/references-connectors/internalworkflow/index.md), -[ Compute a Resource Type's Provisioning Arguments ](/docs/identitymanager/saas/integration-guide/provisioning/argumentsexpression/index.md), +[Compute a Resource Type's Provisioning Arguments](/docs/identitymanager/saas/integration-guide/provisioning/argumentsexpression/index.md), and [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) topics for additional information. The following example computes the identifier of the workflow to launch, based on the provisioning @@ -119,8 +119,11 @@ provisioning to ServiceNow. Then it requires the random identifier computed by S In this case, we want to configure the AD_Entry_AdministrationUser resource type so that a user cannot own an AD administrator account when they do not have an identifier in ServiceNow. -**NOTE:** The DependsOnOwnerProperty of a resource type should only refer to scalar values that are +:::note +The DependsOnOwnerProperty of a resource type should only refer to scalar values that are part of the properties of the SourceEntityType. +::: + The following example is meant to perform an automatic check to prevent the execution of any provisioning order for the creation of an AD administrator account when the user does not have an @@ -176,15 +179,21 @@ source data is changed, the scalar rule computes a new value for sn. There are t ![Example - State 3](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/discardmanualassignments_state3_v602.webp) - **NOTE:** No change in the source data can affect the property's value. However, any manual + :::note + No change in the source data can affect the property's value. However, any manual change made in the managed system will trigger a non-conforming assignment. Then, reconciling the property by choosing to keep Identity Manager's suggested value will make the property's value go back to Calculated and thus follow the changes in the source data. + ::: + - **NOTE:** If DiscardManualAssignments is changed from False to True, then the state of the + :::note + If DiscardManualAssignments is changed from False to True, then the state of the property's value does not matter. Identity Manager applies the rules of the role model, and generates a provisioning order to overwrite the manual change White with the newly computed value Black. + ::: + ![Example - State 4](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/discardmanualassignments_state4_v602.webp) @@ -280,10 +289,10 @@ resource type has previously been correlated to the owner or not. | MaximumInsertPercent default value: 30 | Int32 | Inserted lines threshold in percent. | | MaximumUpdate default value: 0 | Int32 | Updated lines threshold. Sets the maximum number of resources that can be modified within the resource type when running the provisioning job. | | MaximumUpdatePercent default value: 30 | Int32 | Updated lines threshold in percent. | -| P0 default value: false | Boolean | True to indicate that the resource type is parametrized, i.e. there is at least one type rule configured to assign the resource type based on the dimension 0 (up to 3V following the base32hex convention). See the [ Base32 Parameter Names ](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | +| P0 default value: false | Boolean | True to indicate that the resource type is parametrized, i.e. there is at least one type rule configured to assign the resource type based on the dimension 0 (up to 3V following the base32hex convention). See the [Base32 Parameter Names](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | | Policy required | Int64 | Identifier of the policy that the resource type is part of. | | ProlongationWithoutApproval default value: 0 | ProlongationWithoutApproval | Indicates whether the resource type can be extended without any validation. 0 - Inherited: gets the value from the policy. 1 - Enabled. 2 - Disabled. | -| R0 default value: false | Boolean | True to set the dimension 0 (up to 3V following the base32hex convention) as a required parameter when assigning the resource type. See the [ Base32 Parameter Names ](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | +| R0 default value: false | Boolean | True to set the dimension 0 (up to 3V following the base32hex convention) as a required parameter when assigning the resource type. See the [Base32 Parameter Names](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md) topic for additional information. | | RemoveOrphans default value: false | Boolean | True to authorize the deprovisioning of this resource when it does not have an owner. Can only be true when AllowRemove property is also true. | | SourceEntityType required | Int64 | Identifier of the source entity type. | | SuggestAllCorrelations optionalAttribute | Boolean | Allows correlation suggestions for rules with a confidence rate below 100, even if other correlations with a confidence rate above 100 have been found. | @@ -314,7 +323,7 @@ script in the command line. | Binding optional | Int64 | Defines the binding expression to get the file property. | | Policy required | Int64 | Identifier of the policy that the rule is part of. | | Property required | Int64 | Identifier of the property used to represent the file on the target EntityType. | -| SingleRole optional | Int64 | Identifier of the single role. The single role must be assigned to the owner so that the file can be provisioned on the resource. See the [ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. | +| SingleRole optional | Int64 | Identifier of the single role. The single role must be assigned to the owner so that the file can be provisioned on the resource. See the [Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. | | TimeOffsetAfterReference default value: 0 | Int32 | Defines the offset after reference (in minutes). | | TimeOffsetBeforeReference default value: 0 | Int32 | Defines the offset before reference (in minutes). | | TimeOffsetReference default value: 0 | TimeOffsetReference | Offset mode defining which dates to use as references, in order to apply the time offset. The time period for which the rule is applied is adjusted accordingly. 0 - Default: the offset inherited from the type rule. 1 - Around: the offset before reference is applied from the start date of the resource, and the offset after reference is applied from the end date. 2 - Before: the offset before and after reference are both applied from the start date of the resource. 3 - After: the offset before and after reference are both applied from the end date of the resource. **NOTE:** in a situation with several binary rules, the order of application is: After, then Before, then Around, then Default. Each rule is able to overwrite those previously applied in case they overlap. _Remember,_ two offsets of the same mode should never overlap. Resources' start and end dates can be configured through record sections and/or context rules. | @@ -329,16 +338,19 @@ resources regardless of the attributes of source resources. A navigation rule is defined by the child element `` of the `` element. -**NOTE:** Both navigation and query rules compute navigation properties. The value of one navigation +:::note +Both navigation and query rules compute navigation properties. The value of one navigation property should be computed by either navigation or query rules, not both. +::: + See the -[ Compute a Navigation Property ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) +[Compute a Navigation Property](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) topic for additional information. ### Examples -Computation based on other properties +**Computation based on other properties** The following example declares a new rule to give the SG_APP_SharePoint_HR_Owner group to all users who had the SharePoint_HR_Owner role. @@ -363,7 +375,7 @@ script in the command line. ``` -Parametrized roles +**Parametrized roles** The role catalog can be optimized by reducing the number of roles, by configuring parametrized roles. See the @@ -377,8 +389,8 @@ Supposing that the 10th dimension (dimension A following the base32hex conventio time slots, the following example creates a single role Access/A_Brune_HR for all time slots. Each time-slot-related entitlement will be assigned to users by configuring one navigation rule per entitlement, using the dimension as a required parameter. See the -[ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and -[ Base32 Parameter Names ](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)topics for additional information. +[Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) and +[Base32 Parameter Names](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)topics for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -417,12 +429,12 @@ Both navigation and query rules compute navigation properties. The value of one should be computed by either navigation or query rules, not both. See the -[ Compute a Navigation Property ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) +[Compute a Navigation Property](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) topic for additional information. ### Examples -Computation based on other properties +**Computation based on other properties** The following example declares a new rule to compute the parent distinguished name for guest users. Here we do not use source properties, but a literal expression for all guest users. @@ -465,7 +477,7 @@ topic for additional information. ### Examples -Computation based on other properties +**Computation based on other properties** The following example shows two scalar rules. The first one computes users' emails based on AD values. The other one contains a C# expression to compute AccountExpires. @@ -492,7 +504,7 @@ script in the command line. ``` -Computation via a literal expression +**Computation via a literal expression** The following example translates to "the userAccountControl property of a App1_Account of resource type App1_Standard_Account must be equal to 66048. It uses a literal expression. See the @@ -507,11 +519,11 @@ script in the command line. ``` -Binding +**Binding** The Binding attribute complies with the binding expression syntax or the calculation expression syntax. So, it can use the C# language to specify a more complex binding. See the -[ Bindings ](/docs/identitymanager/saas/integration-guide/toolkit/bindings/index.md) and [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) topics for +[Bindings](/docs/identitymanager/saas/integration-guide/toolkit/bindings/index.md) and [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) topics for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the @@ -521,7 +533,7 @@ script in the command line. ``` -IsMapped +**IsMapped** Consider a system that we want to connect to Identity Manager, let's call it SYST, using a title property. Consider also that SYST needs to be provisioned with the value of title, but does not @@ -530,7 +542,7 @@ allow any other system to retrieve the said value. In this case, we set `IsMapped` to false so that Identity Manager sends the adequate provisioning order when needed, and then is able to change the provisioning state to **Executed** without synchronization. See the [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) -[ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topic for additional +[Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topic for additional information. The following example computes users' title in a given managed system, based on Identity Manager's @@ -543,13 +555,13 @@ script in the command line. ``` -TimeOffset +**TimeOffset** A scalar rule is applied according to reference start and end dates (configured through record sections and context rules), usually users' arrival and departure days. It means that, for a user matching the rule's criteria, a property is to be computed, by default, from the user's arrival day -until their departure day. See the [ Record Section ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) and -[ Context Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) topics for additional information. +until their departure day. See the [Record Section](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/recordsection/index.md) and +[Context Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/contextrule/index.md) topics for additional information. ![Schema - Default Application Period](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/datamodel_scalarrule_timeoffsetdefault.webp) @@ -606,12 +618,15 @@ resources are to be provisioned, i.e. written to the managed system. A resource type rule is defined by the child element `` of the `` element. -**NOTE:** The specification of several resource type rules for one resource type implies the union +:::note +The specification of several resource type rules for one resource type implies the union of all rules, i.e. the combination of all rules (and all sets of criteria) with an OR operator. +::: + ### Examples -With a dimension criterion +**With a dimension criterion** The following rule will assign an App1_Standard_Account resource (resource of type App1_Account) to any User whose organization dimension (dimension binded to column 0) identifier is Marketing. @@ -626,7 +641,7 @@ script in the command line. ``` -With a single role criterion +**With a single role criterion** In addition to dimensions, a single role can be used as a criterion for a rule. @@ -643,7 +658,7 @@ script in the command line. ``` -Without any criterion +**Without any criterion** Di and SingleRole conditions are not mandatory. A type rule with no condition entails the creation of an AssignedResourceType, and hence of a target resource (from the target entity type), for every diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md index 473329c3ad..58fc197061 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md @@ -40,8 +40,8 @@ roles. This optimization will simplify the functional understanding of the role catalog, and speed up Identity Manager's calculations. -Supposing that the 10th [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) (dimension A following the -[ Base32 Parameter Names ](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)) is created for time slots, the +Supposing that the 10th [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) (dimension A following the +[Base32 Parameter Names](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)) is created for time slots, the following example creates a single role `Access/A_Brune_HR` for all time slots. Each time-slot-related entitlement will be assigned to users by configuring one navigation rule per entitlement, using the dimension as a required parameter. @@ -71,7 +71,7 @@ script in the command line. | CommentActivationOnDeclineInReview default value: Inherited | CommentActivationWithInherited | Indicates if a comment is enabled when reviewing a request of the role and deciding to refuse it. `0` - Disabled. `1` - Optional. `2` - Required. `3` - Inherited: comment activation in the associated policy. | | CommentActivationOnDeleteGapInReconciliation default value: Inherited | CommentActivationWithInherited | Indicates if a comment is enabled when reviewing a non-conforming assignment of the role and deciding to delete it. `0` - Disabled. `1` - Optional. `2` - Required. `3` - Inherited: comment activation in the associated policy. | | CommentActivationOnKeepGapInReconciliation default value: Inherited | CommentActivationWithInherited | Indicates if a comment is enabled when reviewing a non-conforming assignment of the role and deciding to keep it. `0` - Disabled. `1` - Optional. `2` - Required. `3` - Inherited: comment activation in the associated policy. | -| D0 optional | Int64 | Value that will be set for the dimension 0 (up to 3V following the [ Base32 Parameter Names ](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)) for all users with the role. | +| D0 optional | Int64 | Value that will be set for the dimension 0 (up to 3V following the [Base32 Parameter Names](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)) for all users with the role. | | Description_L1 optional | String | Detailed description of the single role in language 1 (up to 16). | | DisplayName_L1 required | String | Display name of the single role in language 1 (up to 16). | | EntityType required | Int64 | Identifier of the entity type whose resources can receive the single role. | @@ -83,6 +83,6 @@ script in the command line. | MaxDuration optional | Int32 | Duration (in minutes) after which the role will be automatically revoked, if no earlier end date is specified. It impacts only the roles which are manually assigned after the maximum duration is set. Pre-assigned roles are not impacted. If no duration is set on the role, the `MaxDuration` of the associated policy is applied. If the `MaxDuration` is set to 0 on the role, it prevents the associated policy from applying its `MaxDuration` to it. | | Policy required | Int64 | Identifier of the policy in which the role exists. | | ProlongationWithoutApproval default value: 0 | ProlongationWithoutApproval | Indicates whether the role can be extended without any validation. `0` - Inherited: gets the value from the policy. `1` - Enabled. `2` - Disabled. | -| R0 default value: false | Boolean | `true` to set the dimension 0 (up to 3V following the [ Base32 Parameter Names ](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)) as a required parameter when assigning the role. | +| R0 default value: false | Boolean | `true` to set the dimension 0 (up to 3V following the [Base32 Parameter Names](/docs/identitymanager/saas/integration-guide/toolkit/parameter-names/index.md)) as a required parameter when assigning the role. | | State default value: Manual | RoleState | Mark that differentiates the roles analyzed in the role mining process. `0` - Manual: the role was created manually. `1` - Generated: the role was generated by a role mapping rule. | | Tags optional | String | Label(s) that can later be used to filter the target roles of access certification campaigns. The tag separator is ¤. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md index 6960d31e1a..4b1fd829d6 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md @@ -26,7 +26,7 @@ script in the command line. | Property | Type | Description | | ----------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| CompositeRole optional | Int64 | Identifier of a [ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) that users must have to trigger the rule. | +| CompositeRole optional | Int64 | Identifier of a [Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) that users must have to trigger the rule. | | D0 optional | Int64 | Value to match for the dimension `D0` (up to `D127`) to trigger the rule. For example, considering that `D0` corresponds to users' countries, then set `D0` to `France` to assign the single role to users whose country is `France`. | | IsDenied default value: false | Boolean | `true` to forbid the assignment instead of applying it. | | L0 default value: false | Boolean | `true` to activate inheritance for `D0` (up to 127). | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/index.md index eed9664595..b8f0d25e7a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/index.md @@ -6,4 +6,4 @@ sidebar_position: 90 # Reporting -- [ Report Query ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md) +- [Report Query](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md index 18008193f3..5be3d6a55e 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/reporting/reportquery/index.md @@ -8,7 +8,7 @@ sidebar_position: 10 Allows the user to define queries to generate a report in a CSV file. When creating a new ReportQuery it is recommended to also create the linked -[ Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md). +[Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md). ## Examples diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/index.md index 75c66029b0..1858025d20 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/index.md @@ -6,4 +6,4 @@ sidebar_position: 100 # Resources -- [ Resource ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/resource/index.md) +- [Resource](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/resources/resource/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displayentitytype/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displayentitytype/index.md index a5426b8654..4adee67fa7 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displayentitytype/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displayentitytype/index.md @@ -46,7 +46,7 @@ Entity Types for which a priority isn't set by a `` configura assigned an equally less important priority than the least important priority set by a `` element. -Example +**Example** This example shows how to define priorities between the main Entity Types of the organizational model. The highest priority is assigned to `Directory_User` and the lowest priority to @@ -73,7 +73,7 @@ To configure the priority order for elements in the dropdown in these screens, t remember to take the workflow-entity types in the ` +**** Knowing that we have the following properties: ... diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaytable/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaytable/index.md index 8783d05d45..6f1398b2b3 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaytable/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaytable/index.md @@ -15,7 +15,7 @@ additional information. Below there are a few examples of display tables. -DisplayTableDesignElement table +**DisplayTableDesignElement table** The following example displays sites as a table. @@ -28,7 +28,7 @@ script in the command line. ![Example - DisplayTableDesignElement Set to Table](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaytable/displaytabledesignelement_table_v602.webp) -DisplayTableDesignElement list +**DisplayTableDesignElement list** The following example displays users as a list. @@ -41,10 +41,13 @@ script in the command line. ![Example - DisplayTableDesignElement Set to List](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaytable/displaytabledesignelement_list_v602.webp) -_Remember,_ for resources to be displayed as a list, the display table must also be configured with +:::tip +Remember, for resources to be displayed as a list, the display table must also be configured with tiles. +::: -DisplayTableDesignElement resourcetable + +**DisplayTableDesignElement resourcetable** The following example displays AD entries as a table, with an "Owner/Type" column. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md index b1408c9c81..bb5a01656a 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md @@ -30,13 +30,13 @@ script in the command line. The display settings allow you to adjust the display. -Hide the "Access Permissions" tab +**Hide the "Access Permissions" tab** When `HideRoles` is set to `true`, then the **Access Permissions** tab is not accessible. ![Access Permissions](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/form_hideroles_v603.webp) -Adjust the request type +**Adjust the request type** When `WorkflowRequestType` is set to `Self`, then the finalization step looks like: @@ -46,11 +46,11 @@ When `WorkflowRequestType` is set to `Helpdesk`, then the finalization step look ![WorkflowRequestType = Helpdesk](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/form_requesttypehelpdesk_v603.webp) -Display records in a table +**Display records in a table** ![RecordTable Example](/img/product_docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/form_recordtable_v603.webp) -InputType display +**InputType display** The InputType represents the type of research property, attribute which supports only a predefined set of values listed below: diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/index.md index e577245529..57734332b3 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/index.md @@ -6,12 +6,12 @@ sidebar_position: 40 # User Interface -- [ Display Entity Association ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displayentityassociation/index.md) +- [Display Entity Association](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displayentityassociation/index.md) - [Display Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displayentitytype/index.md) -- [ Display Property Group ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaypropertygroup/index.md) +- [Display Property Group](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaypropertygroup/index.md) - [Display Table](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/displaytable/index.md) - [Form](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md) -- [ Indicator ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md) -- [ Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) +- [Indicator](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md) +- [Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) - [Search Bar](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/searchbar/index.md) -- [ Tile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) +- [Tile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md index fe31e97511..ffe360ee2c 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/indicator/index.md @@ -15,7 +15,7 @@ _Item Value_ according to the _Comparison operator_, as can be seen on the examp The banner is displayed wherever the associated resource appears. For example, if we create an indicator pointing out the risk score of a user, the banner will show -on the left-side of the user [ Tile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) and the user [Form](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md). If we +on the left-side of the user [Tile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) and the user [Form](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md). If we create an indicator pointing out whether an AD account is unused or disabled, the banner will show on the left-side of the AD Entries tile and form. diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md index 2ee92ce2b9..bd6c598ee4 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/builduniquevalueaspect/index.md @@ -89,7 +89,7 @@ The unicity check rules linked to a same aspect are combined with the AND operat the aspect's iteration goes up when at least one of the rules detects non-unicity. When creating or updating a unicity check rule, launch the -[ Compute Correlation Keys Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) +[Compute Correlation Keys Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computecorrelationkeystask/index.md) before applying the role model and launching workflows. **For information:** Identity Manager needs to store the correlation keys linked to the expressions @@ -115,7 +115,7 @@ We want to check the unicity of the new user's login, compared with the logins o ``` - +**** ``` @@ -172,7 +172,7 @@ not add the domain part, and the target expression removes the domain part from ``` - +**** ``` In this example the homonym is linked to a control [Form](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md) and it -will be applied for the [ Binding ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) included in the Control where +will be applied for the [Binding](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) included in the Control where the homonym is located. Read more about how to configure -[ Workflow Homonym ](/docs/identitymanager/saas/integration-guide/workflows/workflowhomonym/index.md). +[Workflow Homonym](/docs/identitymanager/saas/integration-guide/workflows/workflowhomonym/index.md). ``` @@ -31,7 +31,7 @@ the homonym is located. Read more about how to configure | Property | Details | | ----------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| FormEntityType required | **Type** Int64 **Description** In a [Form](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md), an [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) is defined and the [ Binding ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) of this Form will be loaded from this EntityType. The FormEntityType property represents this EntityType. | +| FormEntityType required | **Type** Int64 **Description** In a [Form](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md), an [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) is defined and the [Binding](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/binding/index.md) of this Form will be loaded from this EntityType. The FormEntityType property represents this EntityType. | | Identifier required | **Type** String **Description** Unique identifier of the HomonymEntityLink. | ## Child Element: Filter @@ -43,6 +43,6 @@ Defines combination of property comparison to use to find homonyms. | Property | Details | | ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | ComparisonProperty1 optional | **Type** Int64 **Description** Defines the property used to compare with the form control `Property`. It should not be defined if it the same as the property in the attribute `Property`. Going from 1 to 5. | -| Expression1 optional | **Type** String **Description** Defines the C# expression to apply on the homonymy form controls. The result of the expression evaluation will be compared with the corresponding `ComparisonProperty` using the defined `Operator`. If the `ComparisonProperty` is a computed property, no need to define the expression if it is the same as the one for the computed property. It will be automatically used when finding homonyms. Going from 1 to 5. See the [ C# utility functions ](/docs/identitymanager/saas/integration-guide/toolkit/expressions/csharp-utility-functions/index.md) topic for additional information. | +| Expression1 optional | **Type** String **Description** Defines the C# expression to apply on the homonymy form controls. The result of the expression evaluation will be compared with the corresponding `ComparisonProperty` using the defined `Operator`. If the `ComparisonProperty` is a computed property, no need to define the expression if it is the same as the one for the computed property. It will be automatically used when finding homonyms. Going from 1 to 5. See the [C# utility functions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/csharp-utility-functions/index.md) topic for additional information. | | Operator1 default value: 2 | **Type** QueryComparisonOperator **Description** Defines the operator to use to compare between the `ComparisonProperty` and the `Property` or the `Expression` evaluation result. By default the `Equal` operator is used. Going from 1 to 5. All possible values: `0` - Auto: The `Operator` is calculated by the engine according to the type of element. `1` - NotEqual: finds the elements that are not equal to the desired value. `2` - Equal: finds the elements that are strictly equal to the desired value. `3` - Contain: finds the elements that contain the desired value. `4` - StartWith: finds the elements that start with the desired value. `5` - EndWith: finds the elements that end with the desired value. `6` - NotContain: finds the elements that do not contain the desired value. `7` - NotStartWith: finds the elements that do not start with the desired value. `8` - NotEndWith: finds the elements that do not end with the desired value. `9` - GreaterThan: finds the elements that are greater than the desired value. `10` - LessThan: finds the elements that are less than the desired value. `11` - GreaterThanOrEqual: finds the elements that are greater than or equal to the desired value. `12` - LessThanOrEqual: finds the elements that are less than or equal to the desired value. `*`- Flexible: The `Flexible` operators transform the desired value according to the `FlexibleComparisonExpression` defined in the `EntityProperty` then search. The flexible operators are: `13` - FlexibleEqual `14` - FlexibleContain `15` - FlexibleStartWith `16` - FlexibleEndWith | | Property1 optional | **Type** Int64 **Description** Defines the form control property to use to compare with `ComparisonOperator` using the defined `Operator`. Going from 1 to 5. | diff --git a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/index.md b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/index.md index 3a9aacef90..01f9290e00 100644 --- a/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/index.md +++ b/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/index.md @@ -8,5 +8,5 @@ sidebar_position: 130 - [Aspects](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/aspects/index.md) - [Forms](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/forms/index.md) -- [ Homonym Entity Link ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md) -- [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) +- [Homonym Entity Link](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md) +- [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) diff --git a/docs/identitymanager/saas/integration-guide/ui/custom-display-table/index.md b/docs/identitymanager/saas/integration-guide/ui/custom-display-table/index.md index 78d8caf8ad..e8745fabc2 100644 --- a/docs/identitymanager/saas/integration-guide/ui/custom-display-table/index.md +++ b/docs/identitymanager/saas/integration-guide/ui/custom-display-table/index.md @@ -54,10 +54,13 @@ interface. It is therefore necessary to create the different tiles first. After they must be imported into the display table with `` set to ``. Display tables with other values of `` cannot display tiles. -See the[ Tile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) topic for +See the[Tile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) topic for additional information. -_Remember,_ if the display table uses tiles, then you can't use bindings. +:::tip +Remember, if the display table uses tiles, then you can't use bindings. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. diff --git a/docs/identitymanager/saas/integration-guide/ui/custom-forms/index.md b/docs/identitymanager/saas/integration-guide/ui/custom-forms/index.md index e790728a52..c7d4bd0fef 100644 --- a/docs/identitymanager/saas/integration-guide/ui/custom-forms/index.md +++ b/docs/identitymanager/saas/integration-guide/ui/custom-forms/index.md @@ -17,9 +17,9 @@ information. Two scaffoldings generate the view, the display table and the rights to access the entity's resources. -- [ View Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md): +- [View Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md): Creates the display table, the default view and access rights to the entity. -- [ View Template Adaptable ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md): +- [View Template Adaptable](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md): Creates the entity view (designElement = ResourceTable), the report and the rights for a given profile. @@ -36,8 +36,8 @@ interface. The following elements must be in place: -- [ Create Menu Items ](/docs/identitymanager/saas/integration-guide/ui/create-menu-items/index.md) -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [Create Menu Items](/docs/identitymanager/saas/integration-guide/ui/create-menu-items/index.md) +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) To create the view, you can manipulate one or more forms. The example below shows how to create a view from several different forms. This will allow you to reuse some forms in workflows. @@ -67,8 +67,8 @@ The view form doesn't give access to the view in the interface or the rights to The following elements must be in place: -- [ Create Menu Items ](/docs/identitymanager/saas/integration-guide/ui/create-menu-items/index.md) -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [Create Menu Items](/docs/identitymanager/saas/integration-guide/ui/create-menu-items/index.md) +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) In the example below, the view form will display all records. To change the filter on the record display, you must change the diff --git a/docs/identitymanager/saas/integration-guide/ui/custom-search-bar/index.md b/docs/identitymanager/saas/integration-guide/ui/custom-search-bar/index.md index b22d94177f..860420900c 100644 --- a/docs/identitymanager/saas/integration-guide/ui/custom-search-bar/index.md +++ b/docs/identitymanager/saas/integration-guide/ui/custom-search-bar/index.md @@ -40,7 +40,7 @@ To add a default filter, you must add both of the following properties to a crit ``` - +**** ``` @@ -53,4 +53,4 @@ Here is the visualization of this criterion on the interface: Each menu item is a link to an entity's workflow displayed under the search bar on the visualization page of the entity's resource list. -See the [ Create Menu Items ](/docs/identitymanager/saas/integration-guide/ui/create-menu-items/index.md)topic for additional information +**See the [Create Menu Items](/docs/identitymanager/saas/integration-guide/ui/create-menu-items/index.md)topic for additional information** diff --git a/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-display-table/index.md b/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-display-table/index.md index 683f0d7c68..700b4e18bf 100644 --- a/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-display-table/index.md +++ b/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-display-table/index.md @@ -48,10 +48,13 @@ interface. It is therefore necessary to create the different tiles first. After they must be imported into the display table with `DisplayTableDesignElement` set to `list`. Display tables with other values of `DisplayTableDesignElement` cannot display tiles. -See the[ Tile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) topic for +See the[Tile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/tile/index.md) topic for additional information. -_Remember,_ if the display table uses tiles, then you can't use bindings. +:::tip +Remember, if the display table uses tiles, then you can't use bindings. +::: + Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. diff --git a/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-forms/index.md b/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-forms/index.md index 00807610d2..c7355787a3 100644 --- a/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-forms/index.md +++ b/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-forms/index.md @@ -11,9 +11,9 @@ information. Two scaffoldings generate the view, the display table and the rights to access the entity's resources. -- [ View Template ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md): +- [View Template](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplate/index.md): Creates the display table, the default view and access rights to the entity. -- [ View Template Adaptable ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md): +- [View Template Adaptable](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/templates/viewtemplateadaptable/index.md): Creates the entity view (designElement = ResourceTable), the report and the rights for a given profile. @@ -30,8 +30,8 @@ interface. The following elements must be in place: -- [ Create Menu Items ](/docs/identitymanager/saas/integration-guide/ui/how-tos/create-menu-items/index.md) -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [Create Menu Items](/docs/identitymanager/saas/integration-guide/ui/how-tos/create-menu-items/index.md) +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) To create the view, you can manipulate one or more forms. The example below shows how to create a view from several different forms. This will allow you to reuse some forms in workflows. @@ -61,8 +61,8 @@ The view form doesn't give access to the view in the interface or the rights to The following elements must be in place: -- [ Create Menu Items ](/docs/identitymanager/saas/integration-guide/ui/how-tos/create-menu-items/index.md) -- [ View Access Control Rules ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) +- [Create Menu Items](/docs/identitymanager/saas/integration-guide/ui/how-tos/create-menu-items/index.md) +- [View Access Control Rules](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/configuration/scaffoldings/accesscontrolrules/resources/viewaccesscontrolrules/index.md) In the example below, the view form will display all records. To change the filter on the record display, you must change the diff --git a/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-search-bar/index.md b/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-search-bar/index.md index ca8738d5d2..e6fc37bc70 100644 --- a/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-search-bar/index.md +++ b/docs/identitymanager/saas/integration-guide/ui/how-tos/custom-search-bar/index.md @@ -35,7 +35,7 @@ To add a default filter, you must add both of the following properties to a ``` - +**** ``` @@ -48,4 +48,4 @@ Here is the visualization of this criterion on the interface: Each menu item is a link to an entity's workflow displayed under the search bar on the visualization page of the entity's resource list. -See the [ Create Menu Items ](/docs/identitymanager/saas/integration-guide/ui/how-tos/create-menu-items/index.md)topic for additional information +**See the [Create Menu Items](/docs/identitymanager/saas/integration-guide/ui/how-tos/create-menu-items/index.md)topic for additional information** diff --git a/docs/identitymanager/saas/integration-guide/ui/how-tos/producttranslations/index.md b/docs/identitymanager/saas/integration-guide/ui/how-tos/producttranslations/index.md index 65f186a019..c4ede58762 100644 --- a/docs/identitymanager/saas/integration-guide/ui/how-tos/producttranslations/index.md +++ b/docs/identitymanager/saas/integration-guide/ui/how-tos/producttranslations/index.md @@ -10,7 +10,7 @@ The translations are given to Identity Manager in a JSON file, through the confi tool. This section first explains how to write the JSON file, then how to use it with the deployment tool. -JSON translation file format +**JSON translation file format** Example with the translation keys`accessCertificationReview.recommendation.manuallyAuthorized`, `app.common.button.create.label` and `app.common.labels.whenCreated`: @@ -30,7 +30,7 @@ The JSON file must only contain string properties: no object, array or number. The properties' name must match the wanted translation keys. -Find the translation keys +**Find the translation keys** A translation key is an identifier for a given translation: Identity Manager uses those keys to find the translation it needs in the interface. diff --git a/docs/identitymanager/saas/integration-guide/ui/producttranslations/index.md b/docs/identitymanager/saas/integration-guide/ui/producttranslations/index.md index 3e50473927..b5dad8fca2 100644 --- a/docs/identitymanager/saas/integration-guide/ui/producttranslations/index.md +++ b/docs/identitymanager/saas/integration-guide/ui/producttranslations/index.md @@ -16,7 +16,7 @@ The translations are given to Identity Manager in a JSON file, through the confi tool. This section first explains how to write the JSON file, then how to use it with the deployment tool. -JSON translation file format +**JSON translation file format** Example with the translation keys`accessCertificationReview.recommendation.manuallyAuthorized`, `app.common.button.create.label` and `app.common.labels.whenCreated`: @@ -36,7 +36,7 @@ The JSON file must only contain string properties: no object, array or number. The properties' name must match the wanted translation keys. -Find the translation keys +**Find the translation keys** A translation key is an identifier for a given translation: Identity Manager uses those keys to find the translation it needs in the interface. diff --git a/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md b/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md index ee7a19c827..89f414ede8 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md @@ -7,7 +7,7 @@ sidebar_position: 10 # Activity Templates This section describes the activities that constitute and model a -[ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md). Each activity is assigned +[Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md). Each activity is assigned a template, made of states and transitions. ## Overview diff --git a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/configure-homonym-test/index.md b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/configure-homonym-test/index.md index 45f64601a0..3a33aed11a 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/configure-homonym-test/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/configure-homonym-test/index.md @@ -34,7 +34,7 @@ information. ### With customized filters -[ Homonym Entity Link ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md)filters +[Homonym Entity Link](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md)filters allow to define customized filters for a homonym search. #### Simple filter diff --git a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/index.md b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/index.md index 1bbef2e690..90558af767 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/index.md @@ -7,12 +7,12 @@ sidebar_position: 20 # How To Create a Workflow This guide shows how to create a -[ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) through the XML +[Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) through the XML configuration. ## Process -1. Declare a new [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) with +1. Declare a new [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) with given activities following Identity Manager's activity templates. 2. Configure the input [Form](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/form/index.md) with the right output type according to the purpose of the workflow. diff --git a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-create-mono/index.md b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-create-mono/index.md index 35fd00ecff..b89feae5fe 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-create-mono/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-create-mono/index.md @@ -7,12 +7,12 @@ sidebar_position: 10 # For Resource Creation (Mono Record) This section guides you through the procedure for the creation of a -[ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) to create a new +[Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) to create a new resource with a unique record. ## Declare a Workflow -This [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of four +This [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of four activities: 1. `Action With Refine`: sends the creation request with a possibility of delegation. @@ -22,7 +22,7 @@ activities: from another user. 4. `Persist`: saves the collected data and triggers provisioning. -See the [ Activity Templates ](/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md) topic for additional information. +See the [Activity Templates](/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md) topic for additional information. The example below creates a workflow to create a new worker. @@ -91,7 +91,7 @@ A `WorkflowCreateRecordEntityForm` requires the following child elements: The `MainControl` attribute is here an empty container because we configure all personal data, contracts and positions as records to be able to anticipate changes for example. The line with the empty `MainControl` is not mandatory. See the -[ Position Change via Records ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md)topic +[Position Change via Records](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md)topic for additional information. - `RecordControl` that defines record data, and calls the form created previously. See the For @@ -135,7 +135,7 @@ for the whole creation request and review from the previously created workflow: ``` - +**** Permissions for the Request activity: @@ -147,7 +147,7 @@ for the whole creation request and review from the previously created workflow: ## Create Menu Items in the UI -[ Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md)must be defined to +[Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md)must be defined to make the workflow accessible in the UI. Creating a new resource, an interesting location for this workflow could be the users list page. diff --git a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-create-multi/index.md b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-create-multi/index.md index 949b4718be..ffb5623d4d 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-create-multi/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-create-multi/index.md @@ -11,7 +11,7 @@ resource with several records. ## Declare a Workflow -This [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of four +This [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of four activities: 1. `Action With Refine`: sends the creation request with a possibility of delegation. @@ -21,7 +21,7 @@ activities: from another user. 4. `Persist`: saves the collected data and triggers provisioning. -See the [ Activity Templates ](/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md) topic for additional information. +See the [Activity Templates](/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md) topic for additional information. The example below creates a workflow to create a new helpdesk worker, with the possibility to create several records at once for said worker. @@ -103,7 +103,7 @@ would be part of the form called by `RecordUniqueItemControl` instead of `Record In a situation where positions, contracts and personal data are all configured as records because we want to be able to anticipate changes for example, then there would not be any data shared by all records. Then `RecordControl` would be empty. See the -[ Position Change via Records ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) +[Position Change via Records](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md) topic for additional information. > ``` @@ -131,7 +131,7 @@ topic for additional information. ## Assign the Right Permissions Some profiles must get specific permissions so that the workflow is visible and usable by the right -users. Read about [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s +users. Read about [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s permissions. Below is an example of an access control rule where the `Administrator` profile gets the permissions @@ -139,7 +139,7 @@ for the whole creation request and review from the previously created workflow: ``` - +**** Permissions for the Request activity: @@ -151,7 +151,7 @@ for the whole creation request and review from the previously created workflow: ## Create Menu Items in the UI -[ Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined +[Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined to make the workflow accessible in the UI. Creating a new resource, an interesting location for this workflow could be the users list page. diff --git a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-mono/index.md b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-mono/index.md index 76a569b34c..03e8e7e55b 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-mono/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-mono/index.md @@ -11,14 +11,14 @@ replacement of the unique record of an existing resource with a new one. ## Declare a Workflow -This [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of two +This [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of two activities: 1. `Action With Refine`: sends the resource's record update request with a possibility of delegation. 2. `Persist`: saves the collected data and triggers provisioning. -See the [ Activity Templates ](/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md) topic for additional information. +See the [Activity Templates](/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md) topic for additional information. The example below creates a workflow to update only the user's name. @@ -89,7 +89,7 @@ not involved in the changes of this workflow. ## Assign the Right Permissions Some profiles must get specific permissions so that the workflow is visible and usable by the right -users. Read about [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s +users. Read about [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s permissions. Below is an example of an access control rule where the `Administrator` profile gets the permissions @@ -103,7 +103,7 @@ for the whole update request from the previously created workflow: ## Create Menu Items in the UI -[ Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined +[Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined to make the workflow accessible in the UI. Updating an existing resource, this workflow manages one given resource at a time. Hence an diff --git a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-multi/index.md b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-multi/index.md index 6f3661395e..ea9f9d8738 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-multi/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-multi/index.md @@ -11,7 +11,7 @@ resource through its several records. ## Declare a Workflow -This [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of three +This [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of three activities: 1. `Action With Refine`: sends the resource's records update request with a possibility of @@ -20,7 +20,7 @@ activities: another user. 3. `Persist`: saves the collected data and triggers provisioning. -See the [ Activity Templates ](/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md) topic for additional information. +See the [Activity Templates](/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md) topic for additional information. The example below creates a workflow to update the records of an existing user: @@ -134,7 +134,7 @@ copies part of the main record to pre-fill the fields of `RecordUniqueControl`. ## Assign the Right Permissions Some profiles must get specific permissions so that the workflow is visible and usable by the right -users. Read about [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s +users. Read about [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md)s permissions. Below is an example of an access control rule where the `Administrator` profile gets the permissions @@ -148,7 +148,7 @@ for the whole update request from the previously created workflow: ## Create Menu Items in the UI -[ Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined +[Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined to make the workflow accessible in the UI. Updating an existing resource, this workflow manages one given resource at a time. Hence an @@ -174,7 +174,7 @@ For each workflow, it is possible to add aspects according to the workflow's pur ## Homonym Detection (Optional) To perform a homonymy check on a workflow and thus prevent user duplicates,see the -[ Configure a Homonym Detection ](/docs/identitymanager/saas/integration-guide/workflows/create-workflow/configure-homonym-test/index.md) topic for additional information. +[Configure a Homonym Detection](/docs/identitymanager/saas/integration-guide/workflows/create-workflow/configure-homonym-test/index.md) topic for additional information. When using records, the homonym detection displays the list of records and not just the list of users. diff --git a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-resource/index.md b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-resource/index.md index 58e0108545..7f67bed208 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-resource/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/create-workflow/workflow-update-resource/index.md @@ -11,13 +11,13 @@ resource, i.e. to update, within a given resource, properties that do not involv ## Declare a Workflow -This [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of two +This [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is made of two activities: 1. `Action With Refine`: sends the resource's update request with a possibility of delegation. 2. `Persist`: saves the collected data and triggers provisioning. -See the [ Activity Templates ](/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md) topic for additional information. +See the [Activity Templates](/docs/identitymanager/saas/integration-guide/workflows/activity-templates/index.md) topic for additional information. The example below creates a workflow to update only the user's `IsDraft` attribute. @@ -88,7 +88,7 @@ displays the `IsDraft` attribute that the user just changed: ## Assign the Right Permissions Some profiles must get specific permissions so that the workflow is visible and usable by the right -users. Read about the [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) +users. Read about the [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) permissions. Below is an example of an access control rule where the `Administrator` profile gets the permissions @@ -102,7 +102,7 @@ for the whole update request from the previously created workflow: ## Create Menu Items in the UI -[ Menu Item ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined +[Menu Item](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/user-interface/menuitem/index.md) must be defined to make the workflow accessible in the UI. Updating an existing resource, this workflow manages one given resource at a time. Hence an diff --git a/docs/identitymanager/saas/integration-guide/workflows/index.md b/docs/identitymanager/saas/integration-guide/workflows/index.md index 753fba0e4e..6fedd6ba6f 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/index.md @@ -40,7 +40,7 @@ A workflow is made of several elements: ### Technical principles - A workflow is linked to - one[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and concerns only + one[Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) and concerns only resources from said entity type. For example, a workflow can be linked to `Directory_User` or `Directory_Department` according to the workflow's purpose, but not both together. - The aim of a workflow is to get input data (either a form or just an approval) from users involved diff --git a/docs/identitymanager/saas/integration-guide/workflows/workflow-uses/index.md b/docs/identitymanager/saas/integration-guide/workflows/workflow-uses/index.md index 919e0d7762..5f05ca6e9b 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/workflow-uses/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/workflow-uses/index.md @@ -6,13 +6,13 @@ sidebar_position: 30 # Workflow Uses -An Identity Manager [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is the +An Identity Manager [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) is the sequence of processes that a company has established to manage identities across the organization. Workflows makes an approval business process more efficient by managing and tracking all of the human tasks involved with the process and by providing a record of the process after it is completed. -The identity management [ Workflow ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) +The identity management [Workflow](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/workflow/index.md) can be broken into four key areas: ## 1. Onboarding diff --git a/docs/identitymanager/saas/integration-guide/workflows/workflowhomonym/index.md b/docs/identitymanager/saas/integration-guide/workflows/workflowhomonym/index.md index bcb6559a54..40da26ce7d 100644 --- a/docs/identitymanager/saas/integration-guide/workflows/workflowhomonym/index.md +++ b/docs/identitymanager/saas/integration-guide/workflows/workflowhomonym/index.md @@ -17,7 +17,7 @@ system, preventing duplicates. ## Create a Homonym Entity Link -A [ Homonym Entity Link ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md) +A [Homonym Entity Link](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md) defines a new homonym detection to be performed in a workflow form. It can be defined in different ways. @@ -33,7 +33,7 @@ according to the homonym control form. See section below. ### With customized filters -[ Homonym Entity Link ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md)filters +[Homonym Entity Link](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md)filters allow to define customized filters for a homonym detection. #### Simple filter @@ -166,7 +166,7 @@ be checked must contain a layout fieldset control where: When the homonym entity link has no filter set and therefore the filter is calculated automatically, the homonym control form must only contain up to 5 controls where `Binding` attribute is defined. Indeed, a filter can only be defined on up to 5 properties, see filter definition in -[ Homonym Entity Link ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md). +[Homonym Entity Link](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/workflows/homonymentitylink/index.md). ``` diff --git a/docs/identitymanager/saas/introduction-guide/architecture/index.md b/docs/identitymanager/saas/introduction-guide/architecture/index.md index 5bcb81b479..e5037376e2 100644 --- a/docs/identitymanager/saas/introduction-guide/architecture/index.md +++ b/docs/identitymanager/saas/introduction-guide/architecture/index.md @@ -41,7 +41,7 @@ Let's learn about Identity Manager [Configuration](/docs/identitymanager/saas/in ## Learn More -Learn more on Identity Manager's Architecture . +Learn more on Identity Manager's Architecture. See the [Network Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/introduction-guide/configuration/index.md b/docs/identitymanager/saas/introduction-guide/configuration/index.md index 67372c9339..f8265367d3 100644 --- a/docs/identitymanager/saas/introduction-guide/configuration/index.md +++ b/docs/identitymanager/saas/introduction-guide/configuration/index.md @@ -43,21 +43,16 @@ This is the end of the introduction guide, so you should now be able to dive int ## Learn More -Learn more on how to -[ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md). +Learn more on how to [Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md). See the [User Guide](/docs/identitymanager/saas/user-guide/index.md) topic to learn how to configure Identity Manager from scratch via the UI. -See how to -[ Export the Configuration ](/docs/identitymanager/saas/integration-guide/toolkit/export-configuration/index.md) +See how to [Export the Configuration](/docs/identitymanager/saas/integration-guide/toolkit/export-configuration/index.md) to XML files. -See how to -[ Deploy the Configuration ](/docs/identitymanager/saas/integration-guide/toolkit/deploy-configuration/index.md). +See how to [Deploy the Configuration](/docs/identitymanager/saas/integration-guide/toolkit/deploy-configuration/index.md). -Learn more about the -[ XML Configuration Schema ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/index.md). +Learn more about the [XML Configuration Schema](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/index.md). -Learn more about the -[Network Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/index.md). +Learn more about the [Network Configuration](/docs/identitymanager/saas/integration-guide/network-configuration/index.md). diff --git a/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md b/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md index 7550821fbd..d623af8e8a 100644 --- a/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md +++ b/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md @@ -63,7 +63,7 @@ automatically assign roles to users, or to categorize users and accounts, etc. ### Provisioning rules Just like identities, accounts are represented in Identity Manager by an -[ Identity Management ](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) entity-relationship model. So Identity +[Identity Management](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) entity-relationship model. So Identity Manager manages entitlements as resources' attribute values. > For example, giving specific Active Directory permissions to a new user means not only creating a @@ -138,7 +138,7 @@ assignments that do not comply with the configured rules. Rules can be triggered based on users' assigned roles, but also based on user data. -The [ Identity Management ](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) model can be refined by configuring +The [Identity Management](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) model can be refined by configuring dimensions: criteria from among resources' [attributes](https://en.wikipedia.org/wiki/Attribute-based_access_control) that will trigger the application of the rules. Then Identity Manager applies the rule for any resource whose value for a @@ -174,22 +174,16 @@ See the [Governance](/docs/identitymanager/saas/introduction-guide/overview/gove ## Learn More -Learn more on the [ Role Model ](/docs/identitymanager/saas/integration-guide/role-model/index.md). +Learn more on the [Role Model](/docs/identitymanager/saas/integration-guide/role-model/index.md). -Learn how to -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md). +Learn how to [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md). -Learn more on hoe to -[Create a Composite Role](/docs/identitymanager/saas/user-guide/optimize/composite-role-creation/index.md). +Learn more on how to [Create a Composite Role](/docs/identitymanager/saas/user-guide/optimize/composite-role-creation/index.md). Learn more on [Role Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/index.md). -Learn more on -[ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md). +Learn more on [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md). -Learn more on -[ Automate Role Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) -rules. +Learn more on [Automate Role Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) rules. -Learn more on the rules of -[ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md). +Learn more on the rules of [Categorize Resource ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md). diff --git a/docs/identitymanager/saas/introduction-guide/overview/governance/index.md b/docs/identitymanager/saas/introduction-guide/overview/governance/index.md index adf7931a4a..1ac3f40c44 100644 --- a/docs/identitymanager/saas/introduction-guide/overview/governance/index.md +++ b/docs/identitymanager/saas/introduction-guide/overview/governance/index.md @@ -34,15 +34,14 @@ certification campaigns, risk management or reporting. ## Next Steps -Let's read some [ Use Case Stories ](/docs/identitymanager/saas/introduction-guide/overview/use-cases/index.md). +Let's read some [Use Case Stories](/docs/identitymanager/saas/introduction-guide/overview/use-cases/index.md). ## Learn More Learn more on [Governance](/docs/identitymanager/saas/integration-guide/governance/index.md). -Learn more on how to [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md). +Learn more on how to [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md). -Learn more on -[ Perform Access Certification ](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md). +Learn more on [Perform Access Certification](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md). -Learn more on how to [ Manage Risks ](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md). +Learn more on how to [Manage Risks](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md). diff --git a/docs/identitymanager/saas/introduction-guide/overview/index.md b/docs/identitymanager/saas/introduction-guide/overview/index.md index 3b4dd05b53..42b00f49f8 100644 --- a/docs/identitymanager/saas/introduction-guide/overview/index.md +++ b/docs/identitymanager/saas/introduction-guide/overview/index.md @@ -27,7 +27,7 @@ We could explain Identity Manager's purpose like this: Typically, Identity Manager manages entitlements automatically according to a user's needs, for example Active Directory group memberships. ---- +**---** **First, we need to manage identities.** @@ -46,10 +46,10 @@ technology required for IGA-related data flows. ![Connectors](/img/product_docs/identitymanager/saas/introduction-guide/overview/overview_connectors.webp) -See more details on [ Identity Management ](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) and connection between +See more details on [Identity Management](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) and connection between systems. ---- +**---** **Then, we need to manage entitlements, in other words access rights, or permissions.** @@ -67,7 +67,7 @@ rules. ![Calculation](/img/product_docs/identitymanager/saas/introduction-guide/overview/overview_calculation.webp) ---- +**---** **Finally, we need to actually give identities their entitlements and then govern them.** @@ -82,7 +82,7 @@ Furthermore, Identity Manager provides a few workflows for entitlement request o modification, which often include approval from a third party, hence identities get their entitlements securely. -See the [ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional +See the [Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Thanks to the role model and data flows between Identity Manager and the managed systems, Identity diff --git a/docs/identitymanager/saas/introduction-guide/overview/use-cases/index.md b/docs/identitymanager/saas/introduction-guide/overview/use-cases/index.md index 7b4fd4487c..cf2f6cb914 100644 --- a/docs/identitymanager/saas/introduction-guide/overview/use-cases/index.md +++ b/docs/identitymanager/saas/introduction-guide/overview/use-cases/index.md @@ -62,4 +62,4 @@ entitlements he needs in order to work, but not more to prevent security breache ## Next Steps -Let's learn about Identity Manager [ Architecture ](/docs/identitymanager/saas/introduction-guide/architecture/index.md). +Let's learn about Identity Manager [Architecture](/docs/identitymanager/saas/introduction-guide/architecture/index.md). diff --git a/docs/identitymanager/saas/migration-guide/index.md b/docs/identitymanager/saas/migration-guide/index.md index 85d3eedd87..7cb4595eb4 100644 --- a/docs/identitymanager/saas/migration-guide/index.md +++ b/docs/identitymanager/saas/migration-guide/index.md @@ -9,9 +9,12 @@ sidebar_position: 50 This guide is designed to provide step-by-step procedures in order to migrate Identity Manager from your current version to the latest one. -**NOTE:** For the latest SaaS versions, if you are using the administrator scaffolding the necessary +:::note +For the latest SaaS versions, if you are using the administrator scaffolding the necessary permissions for the update are added to the administrator scaffolding and they will be taken into account the next time the configuration is deployed. +::: + ## General Upgrade Instructions for the Server with Integrated Agent diff --git a/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-execution/index.md b/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-execution/index.md index 3ef2109b00..56546c191a 100644 --- a/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-execution/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-execution/index.md @@ -27,7 +27,7 @@ scheduling. | Input | Output | | ----------------------------------------------------------------------------------------------- | ---------------- | -| [ Schedule a Certification Campaign ](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) (required) | Certified access | +| [Schedule a Certification Campaign](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) (required) | Certified access | ## Execute Certification diff --git a/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md b/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md index 4e1c763514..0909bc73c7 100644 --- a/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md @@ -37,14 +37,14 @@ know which entitlements need to be reviewed. | Input | Output | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------- | -| Identity repository (required) [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md)(optional) [ Manage Risks ](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md)(optional) | Certified access | +| Identity repository (required) [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md)(optional) [Manage Risks](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md)(optional) | Certified access | -See the[ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md)topic +See the[Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md)topic for additional information. ## Perform Access Certification Perform access certification by proceeding as follows: -1. [ Schedule a Certification Campaign ](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md). -2. [ Execute a Certification Campaign ](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-execution/index.md). +1. [Schedule a Certification Campaign](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md). +2. [Execute a Certification Campaign](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-execution/index.md). diff --git a/docs/identitymanager/saas/user-guide/administrate/assigned-roles/index.md b/docs/identitymanager/saas/user-guide/administrate/assigned-roles/index.md index 7576a9b3a4..1a561bd069 100644 --- a/docs/identitymanager/saas/user-guide/administrate/assigned-roles/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/assigned-roles/index.md @@ -8,8 +8,11 @@ sidebar_position: 70 How to review user permissions grouped by categories. -**NOTE:** **Assigned Roles** is currently in a preview state and additional functionality will be +:::note +**Assigned Roles** is currently in a preview state and additional functionality will be added in a future release. +::: + ## Overview @@ -28,14 +31,11 @@ You can review all assigned single roles by category. Through filters you can ch ## Participants and Artifacts This operation should be performed by a user with the right permissions. See the -[ Configure a User Profile ](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for additional +[Configure a User Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. The following example provides the rights for the Administrator profile to see the Assigned Roles -page on the **Entity Type** directory user. See the -[ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) and -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topics for -additional information. +page on the **Entity Type** directory user. See the [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) and [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topics for additional information. Code attributes enclosed with `<>` need to be replaced with a custom value before entering the script in the command line. @@ -54,8 +54,7 @@ Review the Assigned Roles by proceeding as follows: ![assignedrolesscreen](/img/product_docs/identitymanager/saas/user-guide/administrate/assigned-roles/assignedrolesscreen.webp) -**Step 2 –** View the list of users with different assigned roles and filter them by **Entity -Type**, **Workflow State**, **Policy**, **Role**or by using a custom filter. +**Step 2 –** View the list of users with different assigned roles and filter them by **Entity Type**, **Workflow State**, **Policy**, **Role** or by using a custom filter. **Step 3 –** Download an .xlsx file list of the **Assigned Roles** users according to the selected filters. diff --git a/docs/identitymanager/saas/user-guide/administrate/index.md b/docs/identitymanager/saas/user-guide/administrate/index.md index eb5b35e286..ce13ab3e69 100644 --- a/docs/identitymanager/saas/user-guide/administrate/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/index.md @@ -8,7 +8,7 @@ sidebar_position: 30 In the Admin section you can do the following: -- [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) +- [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) How to use Identity Manager's reporting modules to produce IGA reports for auditing and governance purposes. @@ -21,57 +21,57 @@ In the Admin section you can do the following: How to write to a managed system. -- [ Review Provisioning ](/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md) +- [Review Provisioning](/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md) How to review provisioning orders before generation. -- [ Provision Manually ](/docs/identitymanager/saas/user-guide/administrate/provisioning/manual-provisioning/index.md) +- [Provision Manually](/docs/identitymanager/saas/user-guide/administrate/provisioning/manual-provisioning/index.md) How to use Identity Managerto manually write to the managed systems. -- [ Provision Automatically ](/docs/identitymanager/saas/user-guide/administrate/provisioning/automatic-provisioning/index.md) +- [Provision Automatically](/docs/identitymanager/saas/user-guide/administrate/provisioning/automatic-provisioning/index.md) How to use Identity Manager to automatically write to the managed systems. -- [ Review Non-conforming Assignments ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/index.md) +- [Review Non-conforming Assignments](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/index.md) How to review non-conforming assignments, i.e. approve or decline the suggestions made by Identity Manager after every synchronization. The aim is to handle the differences between the values from the managed systems and those computed by Identity Manager's role model. -- [ Reconcile a Role ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) +- [Reconcile a Role](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) How to review non-conforming permissions, i.e. approve or decline the role suggestions made by Identity Manager after every synchronization. The aim is to handle the differences between the navigation values from the managed systems and those computed by Identity Manager according to the role catalog. -- [ Reconcile a Property ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) +- [Reconcile a Property](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) How to review unreconciled properties. The aim is to handle the differences between the property values from the managed systems and those computed by Identity Manager according to provisioning rules. -- [ Review an Unauthorized Account ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md) +- [Review an Unauthorized Account](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md) How to remediate unauthorized accounts. The aim is to review the accounts whose assignments don't comply with the rules of the role model. -- [ Perform Access Certification ](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md) +- [Perform Access Certification](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md) How to certify existing access by reviewing a specific range of assigned permissions for auditing purposes. -- [ Schedule a Certification Campaign ](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) +- [Schedule a Certification Campaign](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) How to create and schedule access certification campaigns, defining their scope. -- [ Execute a Certification Campaign ](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-execution/index.md) +- [Execute a Certification Campaign](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-execution/index.md) How to execute access certification campaigns, i.e. review specific entitlement assignments and deprovision inappropriate access. -- [ Request Entitlement Assignment ](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md) +- [Request Entitlement Assignment](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md) How to send a manual request to add, update or remove an entitlement for an identity. diff --git a/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md b/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md index 0ee61fe89f..c3cfb92878 100644 --- a/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md @@ -26,8 +26,8 @@ manager, and on some occasions by the involved application owner. | ------------------------------------------------------ | -------------------- | | Identity repository (required) Role Catalog (required) | Updated entitlements | -See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) and -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topics for +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) and +[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topics for additional information. ## View Identity's Entitlements diff --git a/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/index.md b/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/index.md index bd1f821b91..0d671508d9 100644 --- a/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/index.md @@ -6,9 +6,7 @@ sidebar_position: 40 # Review Non-conforming Assignments -How to review non-conforming assignments, i.e. approve or decline the suggestions made by Identity -Manager after every synchronization. The aim is to handle the differences between the values from -the managed systems and those computed by Identity Manager's role model. +How to review non-conforming assignments, i.e. approve or decline the suggestions made by Identity Manager after every synchronization. The aim is to handle the differences between the values from the managed systems and those computed by Identity Manager's role model. ## Overview @@ -21,21 +19,13 @@ Integrators must review three main types of non-conforming entitlement assignmen - Unauthorized accounts: no rule from the role model can justify their actual assignment to an identity. -Unreconciled properties, unauthorized accounts and non-conforming roles are part of -[Non-Conforming Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/nonconformingdetection/index.md). -The global aim of the review is to handle the gaps between the -[ Existing Assignments ](/docs/identitymanager/saas/integration-guide/role-assignment/existingassignmentsdeduction/index.md) -(real values) and the -[ Conforming Assignments ](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md) -(theoretical values computed by Identity Manager from the role model rules). +Unreconciled properties, unauthorized accounts and non-conforming roles are part of [Non-Conforming Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/nonconformingdetection/index.md). +The global aim of the review is to handle the gaps between the [Existing Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/existingassignmentsdeduction/index.md) (real values) and the [Conforming Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md) (theoretical values computed by Identity Manager from the role model rules). A high number of non-conforming assignments can come from an issue in configuration rules. -Non-conforming roles and unauthorized accounts can be mass reviewed through -[Automate the Review of Non-conforming Assignments](/docs/identitymanager/saas/user-guide/optimize/non-conforming-assignment-review-automation/index.md). -See the -[Automate the Review of Non-conforming Assignments](/docs/identitymanager/saas/user-guide/optimize/non-conforming-assignment-review-automation/index.md) -topic for additional information. +Non-conforming roles and unauthorized accounts can be mass reviewed through [Automate the Review of Non-conforming Assignments](/docs/identitymanager/saas/user-guide/optimize/non-conforming-assignment-review-automation/index.md). +See the [Automate the Review of Non-conforming Assignments](/docs/identitymanager/saas/user-guide/optimize/non-conforming-assignment-review-automation/index.md) topic for additional information. ## Participants and Artifacts @@ -49,28 +39,20 @@ applications' entitlements (technical side), and/or managers who know their team ### Pre-existing assignments vs. non-conforming assignments -The assignments specified as non-conforming during the very first execution of the role model are -called pre-existing assignments. Pre-existing assignments are tagged differently from other -non-conforming assignments by the -[ Save Pre-Existing Access Rights Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) -because they can indicate that: +The assignments specified as non-conforming during the very first execution of the role model are called pre-existing assignments. Pre-existing assignments are tagged differently from other non-conforming assignments by the [Save Pre-Existing Access Rights Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/savepreexistingaccessrightstask/index.md) because they can indicate that: - The rules are not optimal yet. - Data in the managed system needs more cleanup. -Obviously, pre-existing assignments can also prove to be exceptions to the rules, like -non-conforming assignments, and need to be validated as such. +Obviously, pre-existing assignments can also prove to be exceptions to the rules, like non-conforming assignments, and need to be validated as such. ## Review Non-conforming Assignments -While there can be dependencies between the review of non-conforming roles and unreconciled -properties, there are no absolute requirements regarding the sequential order of the non-conforming -assignment review: +While there can be dependencies between the review of non-conforming roles and unreconciled properties, there are no absolute requirements regarding the sequential order of the non-conforming assignment review: -- Review [ Reconcile a Role ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md). -- Review [ Reconcile a Property ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md). -- [ Review an Unauthorized Account ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md). +- Review [Reconcile a Role](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md). +- Review [Reconcile a Property](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md). +- [Review an Unauthorized Account](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md). -[ Manage Risks ](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md) can be defined to highlight the most -sensitive accounts/permissions, in order to establish a priority order in the review of -non-conforming assignments. +[Manage Risks](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md) can be defined to highlight the most +sensitive accounts/permissions, in order to establish a priority order in the review of non-conforming assignments. diff --git a/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md b/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md index 850139eed0..e86971ea56 100644 --- a/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md @@ -6,29 +6,21 @@ sidebar_position: 20 # Reconcile a Property -How to review unreconciled properties. The aim is to handle the differences between the property -values from the managed systems and those computed by Identity Manager according to -[ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md). +How to review unreconciled properties. The aim is to handle the differences between the property values from the managed systems and those computed by Identity Manager according to [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md). ## Overview -Unreconciled properties are considered as non-conforming assignments because Identity Manager's role -model has computed property values that are different from the values in the managed systems. +Unreconciled properties are considered as non-conforming assignments because Identity Manager's role model has computed property values that are different from the values in the managed systems. ### Property reconciliation with role reconciliation For some managed systems, roles are tightly linked to navigation properties. -> For example, the AD hosts groups for various applications, and a role is assigned through a group -> membership. An entitlement can be assigned to an identity by adding said identity's DN to the -> `member` property of the appropriate group. Identity Manager translates it by editing the -> identity's `memberOf` property with the new group. +> For example, the AD hosts groups for various applications, and a role is assigned through a group > membership. An entitlement can be assigned to an identity by adding said identity's DN to the `member` property of the appropriate group. Identity Manager translates it by editing the identity's `memberOf` property with the new group. -In this case, when a role is assigned in the managed system without an existing rule that justifies -the role, then new items appear on the **Role Reconciliation**and the **Resource Reconciliation** -screens. +In this case, when a role is assigned in the managed system without an existing rule that justifies the role, then new items appear on the **Role Reconciliation**and the **Resource Reconciliation** screens. -> In the case of the AD example, consider that we want to assign a specific role in SAP. Then, we +> In the case of the AD example, consider that we want to assign a specific role in SAP. Then, we > find the corresponding group in the AD and add the identity's DN to its `member` property. > > The result is a new item on the **Role Reconciliation** screen for said SAP role, plus an item on @@ -173,5 +165,4 @@ the current values for several resources simultaneously. ## Verify Property Reconciliation -In order to verify the process, check that the changes you ordered appear on the corresponding -user's page in the directory. +In order to verify the process, check that the changes you ordered appear on the corresponding user's page in the directory. diff --git a/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md b/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md index e89501aa9f..61ec37f09f 100644 --- a/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md @@ -74,7 +74,7 @@ entitlements. Review a non-conforming permission by proceeding as follows: 1. Ensure that the - [ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) + [Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) was launched recently, through the complete job on the **Job Execution** page ![Home Page - Job Execution](/img/product_docs/identitymanager/saas/user-guide/set-up/synchronization/home_jobexecution_v602.webp) diff --git a/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md b/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md index 7f1ab56e00..4789eba021 100644 --- a/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md @@ -6,18 +6,15 @@ sidebar_position: 30 # Review an Unauthorized Account -How to remediate unauthorized accounts. The aim is to review the accounts whose assignments don't -comply with the rules of the role model. +How to remediate unauthorized accounts. The aim is to review the accounts whose assignments don't comply with the rules of the role model. ## Overview -Unauthorized accounts are considered as non-conforming assignments because no rule from Identity -Manager's model can justify their actual assignment to an identity. +Unauthorized accounts are considered as non-conforming assignments because no rule from Identity Manager's model can justify their actual assignment to an identity. ## Participants and Artifacts -This operation should be performed in cooperation with application owners in charge of applications' -entitlements. +This operation should be performed in cooperation with application owners in charge of applications' entitlements. | Input | Output | | --------------------------------------------------- | ------------------ | @@ -27,13 +24,11 @@ entitlements. Review an unauthorized account by proceeding as follows: -1. Ensure that the - [ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) - was launched recently, through the complete job on the **Job Execution** page: +1. Ensure that the [Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) was launched recently, through the complete job on the **Job Execution** page: ![Home Page - Job Execution](/img/product_docs/identitymanager/saas/user-guide/set-up/synchronization/home_jobexecution_v602.webp) - Or through the connector's overview page, **Jobs** > **Compute Role Model**. + Or through the connector's overview page **Jobs** > **Compute Role Model**. ![Resource Type Jobs](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/classification/synchro_resourcetype_v602.webp) @@ -57,12 +52,10 @@ Review an unauthorized account by proceeding as follows: The displayed confidence rate means that a rule actually assigned the account to the identity, but with a confidence rate too low to imply full automatic assignment. Approval will be - required. See the [ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) + required. See the [Classify Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) topic for additional information. - The **Resource Properties** frame shows all the properties of the resources. They can be updated - by clicking on the edit button. See the - [ Reconcile a Property ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. + The **Resource Properties** frame shows all the properties of the resources. They can be updated by clicking on the edit button. See the [Reconcile a Property](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. ![Edit Button](/img/product_docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/unauth_updateprop_v522.webp) @@ -70,10 +63,8 @@ Review an unauthorized account by proceeding as follows: Decisions must be made with caution as they cannot be undone. -7. Click on **Confirm Account Deletion** or **Authorize Account** according to the previous - decision. -8. Trigger the [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) by launching, on the appropriate connector's - overview page, **Jobs** > **Generate Provisioning Orders**, then, after this first task is done, +7. Click on **Confirm Account Deletion** or **Authorize Account** according to the previous decision. +8. Trigger the [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) by launching, on the appropriate connector's overview page **Jobs** > **Generate Provisioning Orders**, then, after this first task is done, **Jobs** > **Fulfill**. ![Resource Type Jobs](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/classification/synchro_resourcetype_v602.webp) diff --git a/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md b/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md index a8ac0d1bb1..08c554154a 100644 --- a/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md @@ -24,7 +24,7 @@ through the menu items on the left of the home page, in the **Connectors** secti These entity type pages can be configured via XML to customize all displayed columns and available filters, especially the **Orphan** filter that spots uncorrelated resources, and the **Owner / Resource Type** column that shows the owner of each resource. See -the[ Create Menu Items ](/docs/identitymanager/saas/integration-guide/ui/create-menu-items/index.md) topic for +the[Create Menu Items](/docs/identitymanager/saas/integration-guide/ui/create-menu-items/index.md) topic for additional information on customization. ![Owner / Resource Type Column](/img/product_docs/identitymanager/saas/user-guide/administrate/reporting/orphan_entitytype_v523.webp) @@ -32,16 +32,15 @@ additional information on customization. In the **Orphan** field, select **Yes** to see all existing resources without an owner. In addition, filters can be configured in the reporting module to list orphaned accounts. See the -[ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. Choose to display +[Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. Choose to display **User** and **AD User** (nominative) with a filter on void user's display names. -**NOTE:** Some accounts are considered orphaned because of an error in the account data or -assignment rule. -For an entity that is never the target of a resource type, the concept of an orphan does not apply -because the **Owner / Resource Type** column will be hidden. -When using a display table to display these entities, use -DisplayTableDesignElement``({{< relref "/integration-guide/toolkit/xml-configuration/user-interface/displaytable#properties" >}}) `"table"`` -or `"adaptable"`. +:::note +Some accounts are considered orphaned because of an error in the account data or assignment rule. +For an entity that is never the target of a resource type, the concept of an orphan does not apply because the **Owner / Resource Type** column will be hidden. +When using a display table to display these entities, use DisplayTableDesignElement``({{< relref "/integration-guide/toolkit/xml-configuration/user-interface/displaytable#properties" >}}) `"table"`` or `"adaptable"`. +::: + ### Unused accounts list @@ -83,7 +82,7 @@ return ((resource.lastLogonTimestamp == null) || Once this "unused" property is created, a list of all unused accounts can be displayed thanks to the filters in the query module, based on said property. See the -[ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. +[Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. The previous example about the AD's **isUnused** property can be complemented in the query module by displaying this property alongside users' **EmployeeId**. @@ -97,7 +96,7 @@ table below. | Input | Output | | ------------------------------------------------------------------------- | ------------------------------------ | -| [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) (required) | Removed orphaned and unused accounts | +| [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) (required) | Removed orphaned and unused accounts | ## Review an Orphaned Account @@ -145,16 +144,13 @@ You can **Select owner** from the list by clicking on the check box. - If the owner is still in the organization, the account must be connected to its owner. Is there a rule to change? -**NOTE:** We said that useful service accounts must be connected to their owners due to the fact -that an orphaned account cannot be certified. .See the -[ Perform Access Certification ](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md) topic for additional information. -But a service account must not be linked to a person, for the departure of said person from the -company may trigger the loss of the service account. -This is why we create identities with **Application** as their **UserType**, each -application-identity linked to a person supposed to manage it. Thus,service accounts must be -connected to application identities, themselves owned by people. That way, if the owner of the -application leaves, the application-identity is not deleted, and the service accounts it owns are +:::note +We said that useful service accounts must be connected to their owners due to the fact that an orphaned account cannot be certified. See the [Perform Access Certification](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md) topic for additional information. +But a service account must not be linked to a person, for the departure of said person from the company may trigger the loss of the service account. +This is why we create identities with **Application** as their **UserType**, each application-identity linked to a person supposed to manage it. Thus,service accounts must be connected to application identities, themselves owned by people. That way, if the owner of the application leaves, the application-identity is not deleted, and the service accounts it owns are not deprovisioned. +::: + See the schema below this note. @@ -162,30 +158,29 @@ See the schema below this note. **Step 6 –** Select the appropriate owner or no owner at all, according to the previous analysis. -_Remember,_ decisions must be made with caution as they cannot be undone. +:::tip +Remember, decisions must be made with caution as they cannot be undone. +::: + + +:::note +When binding an orphaned account to an existing owner, properties might need to be reconciled. +::: -**NOTE:** When binding an orphaned account to an existing owner, properties might need to be -reconciled. -**Step 7 –** Click on **Confirm Account Deletion** or **Authorize Account** according to the -previous decision. +**Step 7 –** Click on **Confirm Account Deletion** or **Authorize Account** according to the previous decision. By taking the necessary steps the orphan account will be delete or authorized. ### Use property view -By default, non-conforming assignments are listed by resource. It is possible to click on a resource -and then access the list of all unreconciled properties for said resource. +By default, non-conforming assignments are listed by resource. It is possible to click on a resource and then access the list of all unreconciled properties for said resource. ![Resource View](/img/product_docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/orphan_resourceview_v523.webp) -It can be helpful to have the non-conforming assignments regrouped by property, as some of the -changes can be similar, so very likely to be validated by the same user. This is why a property view -can be enabled by clicking on the **Property View** toggle at the top right corner. +It can be helpful to have the non-conforming assignments regrouped by property, as some of the changes can be similar, so very likely to be validated by the same user. This is why a property view can be enabled by clicking on the **Property View** toggle at the top right corner. -Once enabled, select a resource type to display all unreconciled properties linked to said resource -type. In addition, select a property to display only the unreconciled properties linked to said -resource type and property. +Once enabled, select a resource type to display all unreconciled properties linked to said resource type. In addition, select a property to display only the unreconciled properties linked to said resource type and property. ![Property View](/img/product_docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/orphan_propertyview_v603.webp) @@ -204,5 +199,4 @@ In order to verify the process, check that the line for your reviewed item has b ![View Permissions Tab](/img/product_docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/viewpermissions_v602.webp) -In addition, if you reconciled an orphaned account with an owner, check the user's permissions to -see said account. +In addition, if you reconciled an orphaned account with an owner, check the user's permissions to see said account. diff --git a/docs/identitymanager/saas/user-guide/administrate/provisioning/automatic-provisioning/index.md b/docs/identitymanager/saas/user-guide/administrate/provisioning/automatic-provisioning/index.md index 97abf01df8..307a5f5119 100644 --- a/docs/identitymanager/saas/user-guide/administrate/provisioning/automatic-provisioning/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/provisioning/automatic-provisioning/index.md @@ -28,12 +28,12 @@ At this point, integrators should have all the elements they need to operate. | Input | Output | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | -| [ Review Provisioning ](/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md) (required) Automated provisioning to [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md) (required) | Updated managed systems | +| [Review Provisioning](/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md) (required) Automated provisioning to [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md) (required) | Updated managed systems | ## Implement Automated Provisioning automated provisioning is performed through a connection using a -[ References: Packages ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/index.md) for +[References: Packages](/docs/identitymanager/saas/integration-guide/connectors/references-packages/index.md) for fulfilling external systems. ## Perform Automated Provisioning @@ -56,7 +56,7 @@ In order to verify the process: ![Home Page - Directory User](/img/product_docs/identitymanager/saas/user-guide/set-up/configure-workflows/home_directoryuser_v523.webp) 2. Follow the manual assignment workflow through - [ Request Entitlement Assignment ](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md) to make a change in + [Request Entitlement Assignment](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md) to make a change in one of their permissions, which involves automated provisioning. 3. Perform automated provisioning and check in Identity Manager that the change was effectively made. diff --git a/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md b/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md index 10fe9fd1f5..d37f5a105a 100644 --- a/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md @@ -24,17 +24,13 @@ When modeling your connectors, you had to decide what data you wanted Identity M within the external systems. You configured your connectors, and among other things you chose the appropriate connections and packages, to manage identities and their entitlements by writing directly to the managed systems. This is done through said connectors' provisioning capabilities. -See the [ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) and +See the [Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) and [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md) topics for additional information. When changes are performed on identity data, entitlements or the role model inside Identity Manager, provisioning orders are generated in order to actually write said changes to the external systems. -These changes can be written automatically or manually. Manual provisioning is used to involve -humans and make them act on the external systems, instead of Identity Manager. Automatic -provisioning is used to minimize human intervention and trust Identity Manager with role model -enforcement in external systems. See the [ Provision Manually ](/docs/identitymanager/saas/user-guide/administrate/provisioning/manual-provisioning/index.md) and -[ Provision Automatically ](/docs/identitymanager/saas/user-guide/administrate/provisioning/automatic-provisioning/index.md)topics for additional information. +These changes can be written automatically or manually. Manual provisioning is used to involve humans and make them act on the external systems, instead of Identity Manager. Automatic provisioning is used to minimize human intervention and trust Identity Manager with role model enforcement in external systems. See the [Provision Manually](/docs/identitymanager/saas/user-guide/administrate/provisioning/manual-provisioning/index.md) and [Provision Automatically](/docs/identitymanager/saas/user-guide/administrate/provisioning/automatic-provisioning/index.md) topics for additional information. ### Provisioning states @@ -54,26 +50,13 @@ Here is the list of provisioning states and their description: | 7—Error | The role model threw an exception while evaluating the order. | | 8—Executed | The agent returned OK. | -These states are detailed with their transitions on the individual pages specific to provisioning -review, manual provisioning and automated provisioning. See the -[Entitlement Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md) -and [ Review Provisioning ](/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md) topics for additional information. +These states are detailed with their transitions on the individual pages specific to provisioning review, manual provisioning and automated provisioning. See the [Entitlement Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md) and [Review Provisioning](/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md) topics for additional information. ### Provisioning review -For security purposes, provisioning orders sometimes need to be reviewed before being propagated to -the managed system. Then, a user with the right entitlements accesses the **Provisioning Review** -page. Users can either approve provisioning orders that will then be unblocked and finally -propagated, or they can decline orders that will subsequently be ignored. See the -[ Configure a User Profile ](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md)topic for additional -information. +For security purposes, provisioning orders sometimes need to be reviewed before being propagated to the managed system. Then, a user with the right entitlements accesses the **Provisioning Review** page. Users can either approve provisioning orders that will then be unblocked and finally propagated, or they can decline orders that will subsequently be ignored. See the [Configure a User Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. -The review prior to the provisioning of entitlement assignments is usually performed based on the -resource type of given identities. For example, the assignment of sensitive entitlements will -require a review before being provisioned, whereas basic rights can be assigned at once. Therefore, -resources must be carefully classified beforehand. See the -[ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) topic for additional -information. +The review prior to the provisioning of entitlement assignments is usually performed based on the resource type of given identities. For example, the assignment of sensitive entitlements will require a review before being provisioned, whereas basic rights can be assigned at once. Therefore, resources must be carefully classified beforehand. See the [Classify Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) topic for additional information. ## Participants and Artifacts @@ -81,13 +64,7 @@ This operation should be performed in cooperation with the staff in charge of ma | Input | Output | | ----------------------------------------------------------------------------------------------------------------------- | ------------------ | -| Connector's data model (required) Classified resources (required) Provisioning Rules (required) Role catalog (required) | Provisioned system | - -See the [ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md), -[ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md), -[ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md), and -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topics for -additional information. +| [Connector's data model](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) (required) [Classified resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) (required) [Provisioning Rules](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) (required) [Role catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) (required) | Provisioned system | ## Perform Provisioning diff --git a/docs/identitymanager/saas/user-guide/administrate/provisioning/manual-provisioning/index.md b/docs/identitymanager/saas/user-guide/administrate/provisioning/manual-provisioning/index.md index 0ad50de6bc..80f33d4e41 100644 --- a/docs/identitymanager/saas/user-guide/administrate/provisioning/manual-provisioning/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/provisioning/manual-provisioning/index.md @@ -10,9 +10,7 @@ How to use Identity Manager to manually write to the managed systems. ## Overview -In the lifecycle of a resource (entitlement assignment, resource creation, resource update, etc.), -manual provisioning is used to make humans intervene and act on the external systems, instead of -Identity Manager. +In the lifecycle of a resource (entitlement assignment, resource creation, resource update, etc.), manual provisioning is used to make humans intervene and act on the external systems, instead of Identity Manager. ### Provisioning states @@ -22,17 +20,15 @@ In its lifecycle, an assignment request goes through the following provisioning ## Participants and Artifacts -This operation should be performed in cooperation with the staff in charge of managed systems as -write permissions are required. +This operation should be performed in cooperation with the staff in charge of managed systems as write permissions are required. | Input | Output | | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | -| [ Review Provisioning ](/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md) (required) Manual provisioning through [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md) (required) | Updated managed systems | +| [Review Provisioning](/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md) (required) Manual provisioning through [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md) (required) | Updated managed systems | ## Implement Manual Provisioning -Manual provisioning is performed through a connection using the -[ Manual Ticket ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket/index.md). +Manual provisioning is performed through a connection using the [Manual Ticket](/docs/identitymanager/saas/integration-guide/connectors/references-packages/manual-ticket/index.md). Besides, for a resource to be manually provisioned, the corresponding resource type must be configured with the manual connection set to `Provisioning Connection` in the **Fulfill Settings**. @@ -78,7 +74,7 @@ In order to verify the process: ![Home Page - Directory User](/img/product_docs/identitymanager/saas/user-guide/set-up/configure-workflows/home_directoryuser_v523.webp) 2. Follow the workflow through - [ Request Entitlement Assignment ](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md) to make a change in + [Request Entitlement Assignment](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md) to make a change in one of their permissions, which involves manual provisioning. 3. Perform manual provisioning and check the provisioning state of the requested entitlement at every step, in the user's **View Permissions** tab. diff --git a/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md b/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md index 8fcbdd2e44..0552a54698 100644 --- a/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md @@ -10,17 +10,11 @@ How to review provisioning orders before generation. ## Overview -For security purposes, provisioning orders sometimes need to be reviewed before being computed and -actually generated. Then, a user with the right permissions accesses the **Provisioning Review** -page. They can either approve provisioning orders that will then be computed, generated and finally -ready for actual provisioning, or they can decline orders that will subsequently be ignored. See the -[ Configure a User Profile ](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for -additional information. +For security purposes, provisioning orders sometimes need to be reviewed before being computed and actually generated. Then, a user with the right permissions accesses the **Provisioning Review** page. They can either approve provisioning orders that will then be computed, generated and finally ready for actual provisioning, or they can decline orders that will subsequently be ignored. See the [Configure a User Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. ### Provisioning states -In an assignment request's lifecycle, provisioning review adds a few steps between the moment when -the request is issued and when provisioning orders are computed: +In an assignment request's lifecycle, provisioning review adds a few steps between the moment when the request is issued and when provisioning orders are computed: ![Provisioning State Schema](/img/product_docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/provreview_states_v523.webp) @@ -30,23 +24,16 @@ This operation should be performed in cooperation with the staff in charge of ma | Input | Output | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------- | -| [ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) (required) [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) (required) | Provisioning orders | +| [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) (required) [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) (required) | Provisioning orders | ## Implement Provisioning Review -Provisioning review is configured for a given resource type. Therefore, you can decide to force the -review of provisioning orders when -you[ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md). You -can choose to: +Provisioning review is configured for a given resource type. Therefore, you can decide to force the review of provisioning orders when you [Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md). You can choose to: -- Set the number of required approvals by a - [ Manage Role Officers ](/docs/identitymanager/saas/user-guide/set-up/role-officer-management/index.md), via the - `Approval Workflow` option. +- Set the number of required approvals by a [Manage Role Officers](/docs/identitymanager/saas/user-guide/set-up/role-officer-management/index.md), via the `Approval Workflow` option. - Enable a technical approval by the application owner, via the `Block provisioning orders` option. -Provisioning review can also be triggered when a fulfillment error occurs. See -the[ Identity Management ](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md)topic -for additional information. +Provisioning review can also be triggered when a fulfillment error occurs. See the [Identity Management](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) topic for additional information. ## Review Provisioning Orders @@ -61,12 +48,9 @@ Review provisioning orders by proceeding as follows: 2. Click on a line to access details and handle addition, association, update or deletion orders. - Once reviewed, provisioning orders are to be executed by Identity Manager during the next - **Fulfill** task, accessible from the corresponding connector's overview page, in the **Resource - Types** frame. + Once reviewed, provisioning orders are to be executed by Identity Manager during the next **Fulfill** task, accessible from the corresponding connector's overview page, in the **Resource Types** frame. - Automatic provisioning orders are directly executed, while manual provisioning orders are listed - on the **Manual Provisioning** page. + Automatic provisioning orders are directly executed, while manual provisioning orders are listed on the **Manual Provisioning** page. ![Fulfill Task](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/classification/synchro_resourcetype_v602.webp) @@ -83,10 +67,7 @@ Identity Manager shows all the properties of the new resource to be created: - `Workflow State`: describes the origin or approval state of an assignment. - `Confidence Rate`: rate expressing the confidence in the corresponding query rule. -See the -[Entitlement Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md) -and [ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) topics for -additional information. +See the [Entitlement Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md) and [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) topics for additional information. Handle an addition order by proceeding as follows: @@ -108,14 +89,11 @@ Handle an addition order by proceeding as follows: ### Handle an association order -Identity Manager displays a given owner and a given resource to be associated with a given -[ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md)and all resource -properties to be verified: +Identity Manager displays a given owner and a given resource to be associated with a given [Classify Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md)and all resource properties to be verified: ![Association Order Review](/img/product_docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/provmanual_reviewassociation_v602.webp) -- `Confidence rate of proposed resource`: rate expressing the confidence in this - [ Correlate Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md). +- `Confidence rate of proposed resource`: rate expressing the confidence in this [Correlate Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md). - `Proposed Value`: value proposed by Identity Manager. - `Current Value`: value currently in the managed system. - `Provisioning State` @@ -124,10 +102,7 @@ properties to be verified: - `Workflow State`: describes the origin or approval state of an assignment. - `Confidence Rate`: rate expressing the confidence in the corresponding query rule. -See the -[Entitlement Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md) -and [ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) topics for -additional information. +See the [Entitlement Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md) and [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) topics for additional information. Handle an association order by proceeding as follows: @@ -165,10 +140,7 @@ Identity Manager shows a given resource and all resource properties to be verif - `Workflow State`: describes the origin or approval state of an assignment. - `Confidence Rate`: rate expressing the confidence in the corresponding query rule. -See the -[Entitlement Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md) -and [ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) topics for -additional information. +See the [Entitlement Assignment](/docs/identitymanager/saas/integration-guide/role-assignment/assignments-of-entitlements/index.md) and [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) topics for additional information. Handle an update order by proceeding as follows: @@ -230,8 +202,7 @@ In order to verify the process: ![Home Page - Directory User](/img/product_docs/identitymanager/saas/user-guide/set-up/configure-workflows/home_directoryuser_v523.webp) -2. Follow the [ Request Entitlement Assignment ](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md) workflow - to make a change in one of their permissions, which involves provisioning review. +2. Follow the [Request Entitlement Assignment](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md) workflow to make a change in one of their permissions, which involves provisioning review. 3. Check that the provisioning state is `Pending` in the user's **View Permissions** tab. ![View Permissions Tab](/img/product_docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/viewpermissions_v602.webp) diff --git a/docs/identitymanager/saas/user-guide/administrate/reporting/index.md b/docs/identitymanager/saas/user-guide/administrate/reporting/index.md index 403b2d5cd0..472ffc7168 100644 --- a/docs/identitymanager/saas/user-guide/administrate/reporting/index.md +++ b/docs/identitymanager/saas/user-guide/administrate/reporting/index.md @@ -60,7 +60,7 @@ Identity Manager provides a selection of predefined reports available in the so represent the most common use cases. The accessibility of these predefined reports was configured during profile configuration. See the -[ Configure a User Profile ](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md)topic for additional +[Configure a User Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md)topic for additional information. Download predefined reports by proceeding as follows: @@ -85,12 +85,12 @@ information. When facing a one-time need for producing specific reports, Identity Manager's Query module helps display attributes chosen from the data which is already synchronized and classified. See the -[ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) and -[ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) topics for additional +[Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) and +[Classify Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) topics for additional information. This module offers the possibility to customize reports and download them. The Query module is based on predefined -[ Universe ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) +[Universe](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) that can be adjusted later on in XML configuration, just like the list of available query models. Create a custom report by proceeding as follows: @@ -103,14 +103,14 @@ Create a custom report by proceeding as follows: 2. Choose a query model from among the list. 3. Click on **Fields to Display** and select the appropriate fields from among the database - [ Universe ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) + [Universe](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) and click on **Confirm**. ![Fields to Display](/img/product_docs/identitymanager/saas/user-guide/administrate/reporting/reporting_fieldstodisplay_v522.webp) In cases where Identity Manager doesn't display correctly the information you need, you must try to understand the entity instances and association instances that constitute the - [ Universe ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) + [Universe](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/business-intelligence/universe/index.md) that you are working with. Perhaps the fields that you chose cannot be properly correlated. 4. Click on **Filters**, write the appropriate condition and click on **Confirm**. diff --git a/docs/identitymanager/saas/user-guide/deploy/index.md b/docs/identitymanager/saas/user-guide/deploy/index.md index 3f7c2c753b..1980a95dbd 100644 --- a/docs/identitymanager/saas/user-guide/deploy/index.md +++ b/docs/identitymanager/saas/user-guide/deploy/index.md @@ -6,33 +6,33 @@ sidebar_position: 50 # Deploy -- [ Plan Change Management ](/docs/identitymanager/saas/user-guide/deploy/change-management/index.md) +- [Plan Change Management](/docs/identitymanager/saas/user-guide/deploy/change-management/index.md) How to anticipate the deep changes in the organization's applications and processes due to Identity Manager installation as a new IGA tool. -- [ Install the Production Agent ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/index.md) +- [Install the Production Agent](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/index.md) How to install a local agent for production environment. -- [ Configure the Agent's Settings ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/settings-files/index.md) +- [Configure the Agent's Settings](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/settings-files/index.md) How to configure the agent's application settings via the `web.config`, `appsettings.json` and `appsettings.agent.json` files. -- [ Install IIS via Server Manager ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-installation/index.md) +- [Install IIS via Server Manager](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-installation/index.md) How to configure the local server to install IIS via Server Manager. -- [ Configure the Pool and Site ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md) +- [Configure the Pool and Site](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md) How to configure the application pool and website via IIS. -- [ Set the Working Directory's Permissions ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/directory-permissions/index.md) +- [Set the Working Directory's Permissions](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/directory-permissions/index.md) How to assign to the pool the right permissions on the working directory. -- [ Finalize the Installation ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/finalization/index.md) +- [Finalize the Installation](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/finalization/index.md) How to finalize the installation of the agent. diff --git a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/directory-permissions/index.md b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/directory-permissions/index.md index 65c426adb8..8f73433d31 100644 --- a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/directory-permissions/index.md +++ b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/directory-permissions/index.md @@ -59,4 +59,4 @@ Set the working directory's permissions by proceeding as follows: ## Next Steps -To continue, [ Finalize the Installation ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/finalization/index.md)in a few steps. +To continue, [Finalize the Installation](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/finalization/index.md)in a few steps. diff --git a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/finalization/index.md b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/finalization/index.md index c5cf6b4196..ab9e3fe1ca 100644 --- a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/finalization/index.md +++ b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/finalization/index.md @@ -21,15 +21,15 @@ Finalize the installation of the agent by proceeding as follows: [Windows' hosting bundle for ASP.Net Runtime](https://dotnet.microsoft.com/en-us/download/dotnet/8.0). If the bundle was installed before - [ Configure the Pool and Site ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md), then IIS might not display the + [Configure the Pool and Site](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md), then IIS might not display the AspNetCore module and Identity Manager will not run. In this case, relaunch the bundle's installation executable to perform a repair. 2. When using a proxy, adjust the configuration accordingly. See the - [ Reverse Proxy ](/docs/identitymanager/saas/installation-guide/reverse-proxy/index.md)topic for additional + [Reverse Proxy](/docs/identitymanager/saas/installation-guide/reverse-proxy/index.md)topic for additional information. ## Next Steps To continue, follow the instructions to verify the agent's installation. See the -[ Install the Production Agent ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/index.md) topic for additional information. +[Install the Production Agent](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md index 70f48b12ec..d5aa749e43 100644 --- a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md +++ b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md @@ -70,4 +70,4 @@ Configure the application pool and site by proceeding as follows: ## Next Steps -To continue, [ Set the Working Directory's Permissions ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/directory-permissions/index.md). +To continue, [Set the Working Directory's Permissions](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/directory-permissions/index.md). diff --git a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-installation/index.md b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-installation/index.md index 19ade4475d..e7c4ba9be0 100644 --- a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-installation/index.md +++ b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-installation/index.md @@ -49,4 +49,4 @@ Install IIS via Server Manager by proceeding as follows: ## Next Steps -To continue,[ Configure the Pool and Site ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md)and website via IIS. +To continue,[Configure the Pool and Site](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md)and website via IIS. diff --git a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/index.md b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/index.md index c5b6e81e35..c66216b8fa 100644 --- a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/index.md +++ b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Install the Production Agent This guide shows how to install an agent separated from the server, for production environment. See -the [ Architecture ](/docs/identitymanager/saas/introduction-guide/architecture/index.md)topic for additional +the [Architecture](/docs/identitymanager/saas/introduction-guide/architecture/index.md)topic for additional information. ## Overview @@ -15,7 +15,7 @@ information. Like all agents, the production agent aims to extract data from a given managed system, and transmit said data to the Identity Manager server. If necessary, the agent also enables the managed system's provisioning according to the orders computed by the Identity Manager server. See the -[ Architecture ](/docs/identitymanager/saas/introduction-guide/architecture/index.md) topic for additional +[Architecture](/docs/identitymanager/saas/introduction-guide/architecture/index.md) topic for additional information. Identity Manager solution can use several agents, each of them manages a given system. This section @@ -23,13 +23,13 @@ is about installing the agent managing the production environment. Once agents are configured in addition to the default one provided by SaaS, you need to think about what agent to choose during each -[ Create the Connector ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md)declaration. The +[Create the Connector](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md)declaration. The appropriate agent has access to the managed system. ## Requirements Ensure that all -[ Agent ](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md)requirements can be +[Agent](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md)requirements can be met before starting the installation of the production agent. Requirements for the agent installation can change over the course of the project, according to the @@ -50,20 +50,20 @@ Integrators should have all the elements they need to operate. | Input | Output | | -------------------------------------------------------------------------------------------------------- | ---------------- | -| [ Agent ](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) prerequisites (required) | Production agent | +| [Agent](/docs/identitymanager/saas/installation-guide/requirements/agent-requirements/index.md) prerequisites (required) | Production agent | ## Install the Production Agent Install the production agent by proceeding as follows: -1. [ Create a Working Directory ](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) +1. [Create a Working Directory](/docs/identitymanager/saas/installation-guide/production-ready/working-directory/index.md) and make sure it contains the folders: `Mails`; `Sources`; `Temp`; `Work`. -2. [ Configure the Agent's Settings ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/settings-files/index.md) via the `web.config`, +2. [Configure the Agent's Settings](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/settings-files/index.md) via the `web.config`, `appsettings.json` and `appsettings.agent.json` files. -3. Configure the local server to [ Install IIS via Server Manager ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-installation/index.md). -4. [ Configure the Pool and Site ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md) via IIS. -5. [ Set the Working Directory's Permissions ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/directory-permissions/index.md). -6. [ Finalize the Installation ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/finalization/index.md). +3. Configure the local server to [Install IIS via Server Manager](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-installation/index.md). +4. [Configure the Pool and Site](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-configuration/index.md) via IIS. +5. [Set the Working Directory's Permissions](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/directory-permissions/index.md). +6. [Finalize the Installation](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/finalization/index.md). ## Verify Agent Installation diff --git a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/settings-files/index.md b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/settings-files/index.md index ff393565d1..627393fae9 100644 --- a/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/settings-files/index.md +++ b/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/settings-files/index.md @@ -34,7 +34,7 @@ Configure the agent's settings by proceeding as follows: ``` - web.config +**web.config** ... ... @@ -48,35 +48,27 @@ Configure the agent's settings by proceeding as follows: - **IdentityServer** contains the encryption certificate's path and password provided by Netwrix Identity Manager (formerly Usercube) team, in order to secure agent/server identification; - > For example: - > - > ``` - > - > appsettings.json - > - > "IdentityServer": { - > "X509KeyFilePath": "./identitymanager.pfx", - > "X509KeyFilePassword": "secret" - > } - > - > ``` + For example (in `appsettings.json`): + + ```json + "IdentityServer": { + "X509KeyFilePath": "./identitymanager.pfx", + "X509KeyFilePassword": "secret" + } + ``` - you get an encryption certificate which will be used to encrypt specific files such as logs or temporary files, and that **EncryptionCertificate** contains its path and password; - > For example: - > - > ``` - > - > appsettings.json - > - > "EncryptionCertificate": { - > "File": "./identitymanager-Files.pfx", - > "Password": "secret", - > "EncryptFile": true - > } - > - > ``` + For example (in `appsettings.json`): + + ```json + "EncryptionCertificate": { + "File": "./identitymanager-Files.pfx", + "Password": "secret", + "EncryptFile": true + } + ``` **EncryptFile** can stay set to `false` while verifying the agent installation, but for security reasons it must be set to `true` afterwards. @@ -87,30 +79,24 @@ Configure the agent's settings by proceeding as follows: - **ApplicationUri** contains the server's address, provided by Netwrix Identity Manager (formerly Usercube) team when working in a SaaS environment; - > For example: - > - > ``` - > - > appsettings.json - > - > "ApplicationUri": "http://localhost:5000" - > - > ``` + For example (in `appsettings.json`): + + ```json + "ApplicationUri": "http://localhost:5000" + ``` Do not write a `/` character at the end of the string. - **Cors** > **AllowAnyHeader**, **AllowAnyMethod** and **AllowCredentials** are set to `true`; - ``` - - appsettings.json - - "Cors": { - "AllowAnyHeader": "true", - "AllowAnyMethod": "true", - "AllowCredentials": "true" - } + For example (in `appsettings.json`): + ```json + "Cors": { + "AllowAnyHeader": "true", + "AllowAnyMethod": "true", + "AllowCredentials": "true" + } ``` 4. Open `appsettings.agent.json` and make sure that: @@ -120,151 +106,121 @@ Configure the agent's settings by proceeding as follows: [appsettings.agent](/docs/identitymanager/saas/integration-guide/network-configuration/agent-configuration/appsettings-agent/index.md) topic for additional information.. - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "OpenId": { - > "AgentIdentifier": "MyAgent" - > } - > - > ``` - > - > With the following configuration: - > - > ``` - > - > - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "OpenId": { + "AgentIdentifier": "MyAgent" + } + ``` + + With the following configuration: + + For example (in XML): + + ```xml + + ``` - **OpenId** > **OpenIdClients** > **Job** contains the non-hashed value of the password of "Job-Remote" provided by NETWRIX' team - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "OpenId": { - > "AgentIdentifier": "MyAgent", - > "OpenIdClients": { - > "Job": "secret" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "OpenId": { + "AgentIdentifier": "MyAgent", + "OpenIdClients": { + "Job": "secret" + } + } + ``` and add the hashed value of this password to the `OpenIdClient` named `Job` from the XML configuration; - > For example: - > - > ``` - > - > - > - > ``` + For example (in XML): + + ```xml + + ``` - **OpenId** > **DefaultOpenIdClient** is set to `Job`; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "OpenId": { - > "AgentIdentifier": "MyAgent", - > "OpenIdClients": { - > "Job": "secret" - > }, - > "DefaultOpenIdClient": "Job" - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "OpenId": { + "AgentIdentifier": "MyAgent", + "OpenIdClients": { + "Job": "secret" + }, + "DefaultOpenIdClient": "Job" + } + ``` - **PasswordResetSettings** > **TwoFactorSettings** > **ApplicationUri** contains the server's address, provided by NETWRIX' team when working in a SaaS environment; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "PasswordResetSettings": { - > "TwoFactorSettings": { - > "ApplicationUri": "http://localhost:5000" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "PasswordResetSettings": { + "TwoFactorSettings": { + "ApplicationUri": "http://localhost:5000" + } + } + ``` - **PasswordResetSettings** > **EncryptionCertificate** contains contains the path and password of the certificate used to secure password tokens; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "PasswordResetSettings": { - > "TwoFactorSettings": { - > "ApplicationUri": "http://localhost:5000" - > }, - > "EncryptionCertificate": { - > "File": "../identitymanager.pfx", - > "Password": "secret" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "PasswordResetSettings": { + "TwoFactorSettings": { + "ApplicationUri": "http://localhost:5000" + }, + "EncryptionCertificate": { + "File": "../identitymanager.pfx", + "Password": "secret" + } + } + ``` - **PasswordResetSettings** > **MailSettings** > **PickupDirectory** is set to the `Mails` folder and **FromAddress** to `no-reply@.com`; - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "PasswordResetSettings": { - > "TwoFactorSettings": { - > "ApplicationUri": "http://localhost:5000" - > }, - > "EncryptionCertificate": { - > "File": "../identitymanager.pfx", - > "Password": "secret" - > }, - > "MailSettings": { - > "PickupDirectory": "../Mails", - > "FromAddress": "no-reply@contoso.com" - > } - > } - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "PasswordResetSettings": { + "TwoFactorSettings": { + "ApplicationUri": "http://localhost:5000" + }, + "EncryptionCertificate": { + "File": "../identitymanager.pfx", + "Password": "secret" + }, + "MailSettings": { + "PickupDirectory": "../Mails", + "FromAddress": "no-reply@contoso.com" + } + } + ``` - **SourcesRootPaths** contains the path to the `Sources` folder. - > For example: - > - > ``` - > - > appsettings.agent.json - > - > "SourcesRootPaths": [ - > "C:/identitymanager/Sources" - > ] - > - > ``` + For example (in `appsettings.agent.json`): + + ```json + "SourcesRootPaths": [ + "C:/identitymanager/Sources" + ] + ``` ## Next Steps To continue,see the local server to -[ Install IIS via Server Manager ](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-installation/index.md). +[Install IIS via Server Manager](/docs/identitymanager/saas/user-guide/deploy/production-agent-installation/iis-installation/index.md). diff --git a/docs/identitymanager/saas/user-guide/global-process/howto-maintaindirectory/index.md b/docs/identitymanager/saas/user-guide/global-process/howto-maintaindirectory/index.md index c10be689de..df60dd7b1a 100644 --- a/docs/identitymanager/saas/user-guide/global-process/howto-maintaindirectory/index.md +++ b/docs/identitymanager/saas/user-guide/global-process/howto-maintaindirectory/index.md @@ -14,7 +14,5 @@ How to keep the workforce directory up to date. ## Process Details -Be aware that the integration of an IGA tool is an iterative process. Thus, after following -the[ How to Start ](/docs/identitymanager/saas/user-guide/global-process/howto-start/index.md) process and creating the workforce directory, you can -come back at any time and complete the directory that you started -[ Update Identity Data ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/index.md). +Be aware that the integration of an IGA tool is an iterative process. Thus, after following the [How to Start](/docs/identitymanager/saas/user-guide/global-process/howto-start/index.md) process and creating the workforce directory, you can +come back at any time and complete the directory that you started [Update Identity Data](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/index.md). diff --git a/docs/identitymanager/saas/user-guide/global-process/howto-newsystem/index.md b/docs/identitymanager/saas/user-guide/global-process/howto-newsystem/index.md index e3a0e82a6c..578e5b4850 100644 --- a/docs/identitymanager/saas/user-guide/global-process/howto-newsystem/index.md +++ b/docs/identitymanager/saas/user-guide/global-process/howto-newsystem/index.md @@ -14,25 +14,11 @@ When connecting Identity Manager to a new system, several process paths can be your strategy. There is no option fundamentally better than the others, your decision must depend on your needs. -The **option A** leads quickly to the implementation in production environment, i.e. a new -application in Identity Manager's scope. With this, you can -[Review Orphaned and Unused Accounts](/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md), -[Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) the AD, -[ Reconcile a Property ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md), -and [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example the list of profiles -assigned to users. - -The **option B** takes more time as it goes through the creation of the role model based on the -system's entitlements, but it leads to even more gain as you can also -[ Reconcile a Role ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md), -[ Perform Access Certification ](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md)access -certification and -[ Request Entitlement Assignment ](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md), and also -[ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example the list of assigned single -roles. - -The option B is more complicated and time-consuming than the option A, but leads to more gain. Be -aware that you can go through the process options simultaneously. +The **option A** leads quickly to the implementation in production environment, i.e. a new application in Identity Manager's scope. With this, you can [Review Orphaned and Unused Accounts](/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md), [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) the AD, [Reconcile a Property](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md), and [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example the list of profiles assigned to users. + +The **option B** takes more time as it goes through the creation of the role model based on the system's entitlements, but it leads to even more gain as you can also [Reconcile a Role](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md), [Perform Access Certification](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md) access certification and [Request Entitlement Assignment](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md), and also [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example the list of assigned single roles. + +The option B is more complicated and time-consuming than the option A, but leads to more gain. Be aware that you can go through the process options simultaneously. ![Process Schema - How to Implement a New System](/img/product_docs/identitymanager/saas/user-guide/global-process/howto-newsystem/globalprocess_schemaconnectsyst.webp) @@ -40,23 +26,17 @@ aware that you can go through the process options simultaneously. ### Common starting steps -1. [ Connect to a Managed System ](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md): create the appropriate +1. [Connect to a Managed System](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md): create the appropriate connector with its connections and entity types. -2. [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) into Identity Manager. +2. [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) into Identity Manager. - Based on this, you can [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example - the list of resources in the system. A few predefined reports are available from the start, you - can generate any report from this list as soon as it makes sense according to the integration - progress. + Based on this, you can [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example the list of resources in the system. A few predefined reports are available from the start, you + can generate any report from this list as soon as it makes sense according to the integration progress. -3. [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) in order to classify them +3. [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) in order to classify them according to their intent, and correlate these resources with their owners. -4. [ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) to write to the - system in order to update the resources' properties directly in the system. -5. Adjust the rules by - [ Reconcile a Property ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) - resources, i.e. analyze the differences spotted between the reality of resources' properties and - those computed by the previously established rules. Especially, verify that accounts are +4. [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) to write to the system in order to update the resources' properties directly in the system. +5. Adjust the rules by [Reconcile a Property](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) resources, i.e. analyze the differences spotted between the reality of resources' properties and those computed by the previously established rules. Especially, verify that accounts are correlated to the right owners and that their properties have the right values. Either the integrator handles the customization of the rules and the review of non-conforming @@ -74,9 +54,9 @@ Go directly to the common final steps (step 8). ### Option B: First build the role model -6. [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) for +6. [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) for applications managed by the system. -7. [ Automate Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md) if needed: use Role +7. [Automate Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md) if needed: use Role Mining to create single role rules in bulk; adjust the generated rules individually and manually. ### Common final steps diff --git a/docs/identitymanager/saas/user-guide/global-process/howto-start/index.md b/docs/identitymanager/saas/user-guide/global-process/howto-start/index.md index ba5047cd07..1a117f018a 100644 --- a/docs/identitymanager/saas/user-guide/global-process/howto-start/index.md +++ b/docs/identitymanager/saas/user-guide/global-process/howto-start/index.md @@ -15,7 +15,7 @@ There is no option fundamentally better than the others, your decision must depe The **option 1** leads quickly to identity management, i.e. users' on-boarding/movement/off-boarding without needing a periodic synchronization. See the -[ Update Identity Data ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/index.md) topic for additional +[Update Identity Data](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/index.md) topic for additional information. The **option 2A** takes more time as it requires the installation of an agent on your network in @@ -23,16 +23,16 @@ order to connect Identity Manager to the system and use the AD's data, but it le you can also [Review Orphaned and Unused Accounts](/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md), [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) the AD, -[ Reconcile a Property ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md)properties, -and [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example the list of profiles +[Reconcile a Property](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md)properties, +and [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example the list of profiles assigned to users. The **option 2B** takes even more time as it goes through the creation of the role model based on the system's entitlements, but it leads to even more gain as you can also -[ Reconcile a Role ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md), -[ Perform Access Certification ](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md) and -[ Request Entitlement Assignment ](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md), and also -[ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example the list of assigned single +[Reconcile a Role](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md), +[Perform Access Certification](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md) and +[Request Entitlement Assignment](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md), and also +[Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example the list of assigned single roles. The options 2A and 2B are more complicated and time-consuming than the option 1, but lead to more @@ -48,8 +48,8 @@ simultaneously. ### Common starting steps -1. [ Install the Development Environment ](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md). -2. [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md): configure +1. [Install the Development Environment](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md). +2. [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md): configure the generation of unique properties; load workforce identities to Identity Manager; adjust the data model. @@ -69,25 +69,25 @@ Go directly to the common final steps (step 10). Starting with an external system requires the installation of a local agent. 3. Connect Identity Manager to the system by creating a connector. See the - [ Connect to a Managed System ](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) topic for additional + [Connect to a Managed System](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) topic for additional information. -4. [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md)the system's data into Identity +4. [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md)the system's data into Identity Manager. - Based on this, you can [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example + Based on this, you can [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md), for example the list of resources in the system. A few predefined reports are available from the start, you can generate any report from this list as soon as it makes sense according to the integration progress. -5. [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) in order to classify them +5. [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) in order to classify them according to their intent, and correlate these resources with their owners. -6. [ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) to write to the +6. [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) to write to the system in order to update the resources' properties directly in the system. 7. Adjust the rules by reconciling resources, i.e. analyze the differences spotted between the reality of resources' properties and those computed by the previously established rules. Especially, verify that accounts are correlated to the right owners and that their properties have the right values. See the - [ Reconcile a Property ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) + [Reconcile a Property](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. Either the integrator handles the customization of the rules and the review of non-conforming @@ -105,9 +105,9 @@ Go directly to the common final steps (step 10). ### Option 2B: First build the role model -8. [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) for +8. [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) for applications managed by the system. -9. [ Automate Role Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) +9. [Automate Role Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) if needed: use Role Mining to create single role rules in bulk; adjust the generated rules individually and manually. @@ -115,7 +115,7 @@ Go directly to the common final steps (step 10). 10. Adjust HR workflows to keep the workforce directory updated (only in XML configuration). 11. Define the permissions for your user profiles. See the - [ Configure a User Profile ](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for + [Configure a User Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. 12. Define the authentication mode by configuring `SelectUserByIdentityQueryHandlerSetting` (only in XML configuration), and [Assign Users a Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-assignment/index.md) diff --git a/docs/identitymanager/saas/user-guide/global-process/index.md b/docs/identitymanager/saas/user-guide/global-process/index.md index a388c476eb..8be10064d8 100644 --- a/docs/identitymanager/saas/user-guide/global-process/index.md +++ b/docs/identitymanager/saas/user-guide/global-process/index.md @@ -15,14 +15,14 @@ Be aware that the integration of an IGA tool is an iterative process. There is n process. This user guide provides the following processes that can follow one another and intertwine. -- [ How to Start ](/docs/identitymanager/saas/user-guide/global-process/howto-start/index.md) +- [How to Start](/docs/identitymanager/saas/user-guide/global-process/howto-start/index.md) How to start integrating Identity Manager with your own needs. -- [ How to Maintain the Workforce Directory ](/docs/identitymanager/saas/user-guide/global-process/howto-maintaindirectory/index.md) +- [How to Maintain the Workforce Directory](/docs/identitymanager/saas/user-guide/global-process/howto-maintaindirectory/index.md) How to keep the workforce directory up to date. -- [ How to Implement a New System ](/docs/identitymanager/saas/user-guide/global-process/howto-newsystem/index.md) +- [How to Implement a New System](/docs/identitymanager/saas/user-guide/global-process/howto-newsystem/index.md) How to add a new system to the solution. diff --git a/docs/identitymanager/saas/user-guide/index.md b/docs/identitymanager/saas/user-guide/index.md index cd0d6c54f6..1ea623c968 100644 --- a/docs/identitymanager/saas/user-guide/index.md +++ b/docs/identitymanager/saas/user-guide/index.md @@ -24,8 +24,7 @@ main purposes, principles and capabilities of Identity Manager. Using this guide does not require any advanced IT skills. All the configuration steps take place through Identity Manager's UI or MS Excel files. -Netwrix Identity Manager (formerly Usercube)strongly recommends starting from the -[Introduction Guide](/docs/identitymanager/saas/introduction-guide/index.md) to fully benefit from the User Guide's content. +Netwrix Identity Manager (formerly Usercube)strongly recommends starting from the [Introduction Guide](/docs/identitymanager/saas/introduction-guide/index.md) to fully benefit from the User Guide's content. ## Overview @@ -52,7 +51,7 @@ contribute to a same goal. While some activities must be carried out before others for technical and/or functional reasons, the order is not absolute. Please follow the instructions and recommendations detailed with the -[ Global Process ](/docs/identitymanager/saas/user-guide/global-process/index.md). +[Global Process](/docs/identitymanager/saas/user-guide/global-process/index.md). All activities are organized into bigger sections which are distinguishable by their functional intent: set up; administrate; optimize; deploy and maintain. @@ -88,8 +87,7 @@ Identity Manager is already running in production. ## How to Use this Guide -Start by studying the [ Global Process ](/docs/identitymanager/saas/user-guide/global-process/index.md). that details every activity in -their respective sections and how they relate to one another. You will get a good view of the steps +Start by studying the [Global Process](/docs/identitymanager/saas/user-guide/global-process/index.md) that details every activity in their respective sections and how they relate to one another. You will get a good view of the steps to take from start to finish. Follow the path, stop at each activity, and go check out the details on the matching page of the diff --git a/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/index.md b/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/index.md index cf84ffc568..6f616cded6 100644 --- a/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/index.md +++ b/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/index.md @@ -32,7 +32,7 @@ Integrators are able to perform an identity update if they master the new data. | ----------------------------------------------------------- | --------------------------- | | Identity repository (required) New identity data (required) | Updated identity repository | -See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Modify Identity Data @@ -40,9 +40,9 @@ for additional information. Modify identity data by proceeding as follows, according to the changes to be made: - either update data individually by using predefined workflows in the UI; See the - [ Update an Individual Identity ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md) topic for additional information. + [Update an Individual Identity](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md) topic for additional information. - or perform a same change on several identities simultaneously by using Identity Manager's - predefined workflow in the UI; See the [ Update Identities in Bulk ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/mass-update/index.md) topic + predefined workflow in the UI; See the [Update Identities in Bulk](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/mass-update/index.md) topic for additional information. - or update data on a massive scale by uploading an external file into Identity Manager, as an incremental version of the identity repository. diff --git a/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md b/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md index f0684f47f1..07c54d6978 100644 --- a/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md +++ b/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md @@ -28,7 +28,7 @@ department. | ----------------------------------------------------------- | --------------------------- | | Identity repository (required) New identity data (required) | Updated identity repository | -See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Declare a New Identity @@ -45,7 +45,7 @@ Declare a new worker by proceeding as follows: 3. Follow the workflow's instructions to fill the form with the user's data, choose the user's entitlements from your role catalog and send the request. See the - [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) + [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Act on an Existing Identity diff --git a/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/mass-update/index.md b/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/mass-update/index.md index 03bfb27d30..f0cbb325f8 100644 --- a/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/mass-update/index.md +++ b/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/mass-update/index.md @@ -30,7 +30,7 @@ Identity data can be updated most often in cooperation with the HR department. | ----------------------------------------------------------- | --------------------------- | | Identity repository (required) New identity data (required) | Updated identity repository | -See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Update Data in Complete Mode @@ -59,7 +59,7 @@ Mass update identity data (in complete mode) by proceeding as follows: 8. Click on **Save & Close**. 9. Back on the connector's page, launch synchronization. See the - [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topic for additional information. + [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topic for additional information. Be cautious about thresholds. @@ -88,7 +88,7 @@ Mass update identity data (in incremental mode) by proceeding as follows: - `Delete` to remove attributes from the datamodel; Instead of using `Delete`, you can scan the data model to exclude unused attributes. See the - [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) + [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. - `Merge` to input an identity's data and modify the corresponding attributes if said identity @@ -108,7 +108,7 @@ Mass update identity data (in incremental mode) by proceeding as follows: 8. Click on **Save & Close**. 9. Back on the connector's page, launch synchronization. See the - [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topic for additional information. + [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topic for additional information. Be cautious about thresholds. @@ -134,4 +134,4 @@ In order to verify the process: - Create reports with indicators on the workers number per type or per organization for example (through Identity Manager' predefined reports, the Query module or Power BI), in order to ensure that Identity Manager's content sticks to reality. See the - [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. + [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/multiple-update/index.md b/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/multiple-update/index.md index 6eb4f81dd7..5110212586 100644 --- a/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/multiple-update/index.md +++ b/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/multiple-update/index.md @@ -27,7 +27,7 @@ department. | ----------------------------------------------------------- | --------------------------- | | Identity repository (required) New identity data (required) | Updated identity repository | -See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Update @@ -72,4 +72,4 @@ In order to verify the process: - Create reports with indicators, for example, on the number of workers per type or per organization (through Identity Manager's predefined reports, the Query module or Power BI), to ensure that Identity Manager's content sticks to reality. See the - [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. + [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/user-guide/maintain/index.md b/docs/identitymanager/saas/user-guide/maintain/index.md index a87dd649dc..a6da15da1f 100644 --- a/docs/identitymanager/saas/user-guide/maintain/index.md +++ b/docs/identitymanager/saas/user-guide/maintain/index.md @@ -6,24 +6,24 @@ sidebar_position: 60 # Maintain -- [ Update Identity Data ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/index.md) +- [Update Identity Data](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/index.md) How to perform modifications in the identity repository, to manage onboarding, offboarding and position changes. - - [ Update an Individual Identity ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md) + - [Update an Individual Identity](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md) How to perform changes in data for a single identity, through the UI. - - [ Update Multiple Identities ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/multiple-update/index.md) + - [Update Multiple Identities](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/multiple-update/index.md) How to perform a same change in data for several identities simultaneously, through the UI. - - [ Update Identities in Bulk ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/mass-update/index.md) + - [Update Identities in Bulk](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/mass-update/index.md) How to perform a mass change in identity data, by uploading a complete or incremental version of the identity repository. -- [ Troubleshoot ](/docs/identitymanager/saas/user-guide/maintain/troubleshooting/index.md) +- [Troubleshoot](/docs/identitymanager/saas/user-guide/maintain/troubleshooting/index.md) How to troubleshoot Identity Manager when facing technical issues. diff --git a/docs/identitymanager/saas/user-guide/maintain/troubleshooting/index.md b/docs/identitymanager/saas/user-guide/maintain/troubleshooting/index.md index 55b12b73cf..df9b126e5c 100644 --- a/docs/identitymanager/saas/user-guide/maintain/troubleshooting/index.md +++ b/docs/identitymanager/saas/user-guide/maintain/troubleshooting/index.md @@ -71,7 +71,7 @@ If a synchronization threshold is exceeded, then check whether the threshold is it means that the warning comes from a change in the managed system, so you should fix the data directly in the managed system. -See more details on [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) thresholds. +See more details on [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) thresholds. ## Troubleshoot Provisioning Issues @@ -81,7 +81,7 @@ If provisioning orders are blocked while expected to be automatic, it can come f - the **Require Provisioning Review** option being enabled in the related resource type; - the role model being computed through the - [ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) + [Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) or the corresponding executable, with the block provisioning option; - a provisioning order being already blocked for the same resource due to a prior operation; - a correlation/classification rule with a confidence rate below 100%, which means that either diff --git a/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md b/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md index c77e911e95..af6eba7192 100644 --- a/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md @@ -7,7 +7,7 @@ sidebar_position: 10 # Automate Role Assignments How to manually build rules to automate the assignment of roles to identities. See -the[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) +the[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Overview @@ -15,7 +15,7 @@ topic for additional information. Single role rules and composite role rules are assignment rules. Assignment rules are designed to automatically assign respectively single roles and composite roles (based on specific criteria) to identities. One rule must be created for every role to assign. See -the[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) +the[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Participants and Artifacts @@ -27,7 +27,7 @@ application's users, entitlements and data model. | ----------------------- | --------------------- | | Role Catalog (required) | Role assignment rules | -See the[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) +See the[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Create a Role Assignment Rule @@ -75,7 +75,7 @@ Create a role assignment rule by proceeding as follows: ## Impact of Modifications Any modification in a role assignment rule is taken into account when the next -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) runs to compute new assignments. Therefore, if a given rule's criterion is modified, then all corresponding assignments are computed again. If a role was assigned automatically to an identity by a role assignment rule, and if this assignment doesn't comply with the new version of the rule, then @@ -91,7 +91,7 @@ system. > `Orleans` department get said role, while the users in the `Tours` department are deprived of said > role. -[ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) is available in order to anticipate the changes +[Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) is available in order to anticipate the changes induced by a creation/modification/deletion in role assignment rules. Assignment rules can sometimes give to users an entitlement that they had already received manually. diff --git a/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md b/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md index 026795ae43..363d0bcf11 100644 --- a/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md @@ -18,16 +18,10 @@ The strategy for the automation of entitlement assignment lies in the automatic decisions, based on several automation levels provided by Identity Manager: 1. Automation of the creation of the role model, i.e. both roles and navigation rules that represent - entitlements in the managed systems, through - [ Create Roles in Bulk ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) - based on resources' naming conventions in the managed systems. -2. Automation of entitlement assignment through assignment rules, which use identity criteria - (called dimensions, like identities' department or work location, etc.) to decide what - entitlements to assign automatically to identities. See the - [ Conforming Assignments ](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md) - topic for additional information. -3. Automation of the creation of said assignment rules through - [ Perform Role Mining ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md), based on existing data analysis. + entitlements in the managed systems, through [Create Roles in Bulk](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) based on resources' naming conventions in the managed systems. +2. Automation of entitlement assignment through assignment rules, which use identity criteria (called dimensions, like identities' department or work location, etc.) to decide what entitlements to assign automatically to identities. See the + [Conforming Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md) topic for additional information. +3. Automation of the creation of said assignment rules through [Perform Role Mining](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md), based on existing data analysis. ![Automation Concept](/img/product_docs/identitymanager/saas/user-guide/optimize/assignment-automation/automation_schema.webp) @@ -35,12 +29,9 @@ Assignment rules can sometimes give to users an entitlement that they had alread Hence, new assignment rules can imply redundancies between the entitlements assigned manually and approved, and those calculated by a rule and assigned automatically. -Netwrix Identity Manager (formerly Usercube) recommends -[Remove Redundant Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md) after any assignment rule is -created or updated. +Netwrix Identity Manager (formerly Usercube) recommends [Remove Redundant Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md) after any assignment rule is created or updated. -The main goal of automation is to reach the optimal cost, playing on assignment efficiency, quality -and quantity. +The main goal of automation is to reach the optimal cost, playing on assignment efficiency, quality and quantity. ### Assessment of manual assignment @@ -52,11 +43,11 @@ assignment poses the following risks: - Delay can happen: on the day a worker joins an organization, they rely on a manual action to get all the entitlements required for them to start working. Even with roles aiming to help managers to understand actual entitlements, delay happens. See - the[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic + the [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information.Errors can happen: human mistakes are expected in role distribution, even though largely mitigated by the role review process and - [ Perform Access Certification ](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md). See the - [ Reconcile a Role ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) + [Perform Access Certification](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md). See the + [Reconcile a Role](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) topic for additional information. - It is time-consuming. @@ -139,14 +130,14 @@ At this point, integrators should have all the elements they need to operate. | ----------------------- | ---------------------------- | | Role Catalog (required) | Ideally automated role model | -See the[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) +See the[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Automate Entitlement Assignment The process of assignment automation is the following: -1. [ Perform Role Mining ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) to approach the automation wall. +1. [Perform Role Mining](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) to approach the automation wall. Role Mining covers more use cases than writing assignment rules manually. It diminishes the error rate and implies a lower execution cost. And thus, it brings the optimal cost closer to @@ -170,7 +161,7 @@ The process of assignment automation is the following: the error rate allows Identity Manager to "ignore" one of the departments in the organization, and optimize automation. -2. [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md)and analyze them with tools like Power +2. [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md)and analyze them with tools like Power BI to assess the automation wall and identify improvement areas. > For example in the following Power BI chart, automation is, on average, highly implemented @@ -213,7 +204,7 @@ The process of assignment automation is the following: > in this direction to enhance automation. Moreover, focus must be directed on actual and correct entitlements, using Identity Manager's - [ Perform Access Certification ](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md). + [Perform Access Certification](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md). Data reliability prevents integrators from easy extrapolation mistakes. diff --git a/docs/identitymanager/saas/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md b/docs/identitymanager/saas/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md index 8a44169cba..6849a84166 100644 --- a/docs/identitymanager/saas/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md @@ -16,7 +16,7 @@ topic for additional information. Assignment rules can sometimes give to users an entitlement that they had already received manually. Hence, new assignment rules can imply redundancies between the entitlements assigned manually and approved, and those calculated by a rule and assigned automatically. See the -[ Automate Role Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) topic for additional +[Automate Role Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) topic for additional information. Netwrix recommends removing redundant assignments after any assignment rule is created or updated. @@ -84,9 +84,9 @@ application's users, entitlements and data model. | Role catalog (required) Role assignment rules (required) Role mining (optional) | Minimized derogation’s | See the -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md), -[ Automate Role Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md), and -[ Perform Role Mining ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) topics for additional information. +[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md), +[Automate Role Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md), and +[Perform Role Mining](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) topics for additional information. ## Remove Redundant Assignments @@ -101,7 +101,10 @@ Remove redundant assignments by proceeding as follows: **Step 2 –** Click on **Analyze** to tag the manual roles and resource types from all policies eligible for conversion to an automatic state. -**NOTE:** Previous tags are cleared at each instance of this tagging process. +:::note +Previous tags are cleared at each instance of this tagging process. +::: + **Step 3 –** Click on **Download Excel** to download a dedicated XLSX report which contains one tab per entity type representing identities. diff --git a/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md b/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md index 6ea782e7e3..227aba6a55 100644 --- a/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Perform Role Mining How to use role mining to suggest role assignment rules based on existing assignments, in order to -push the [ Automate Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md) wall further. +push the [Automate Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md) wall further. ## Overview @@ -17,7 +17,7 @@ roles to users according to their attributes which are used as assignment criter > For example, in the AD, entitlements are given through group membership. Integrators create a > navigation rule to assign each group to the users who have the corresponding single role. Then, > the -> [ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +> [Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) > is able to assign single roles to users according to their existing group membership. > > In addition to group membership, the assignment of an entitlement to users could also depend on @@ -42,15 +42,15 @@ assignment rules. Role mining being a statistic tool based on existing entitlement assignments, it appears useless if the role model contains fewer than 2,000 role assignments. Then, start by reinforcing the Role Catalog. See -the[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) +the[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ### Technical Principles Role mining works through -[ Mining Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) +[Mining Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/miningrule/index.md) that Identity Manager applies with the -[ Get Role Mining Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md). +[Get Role Mining Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/getroleminingtask/index.md). ### Entitlement differentiation with rule types @@ -94,7 +94,7 @@ At this point, integrators should have all the elements they need to operate. | ----------------------- | ----------------- | | Role Catalog (required) | Single role rules | -See the[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) +See the[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Create a Mining Rule @@ -119,7 +119,7 @@ Create a mining rule by proceeding as follows: the mining rule is applied, i.e. the entity type targeted by role mining's entitlement analysis. - `Category`: - [ Create a Category ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) + [Create a Category](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) containing the roles targeted by role mining's analysis. - `Include roles with specific validations`: includes in role mining's analysis the roles requiring zero and/or one and/or two and/or three validations. @@ -162,7 +162,7 @@ Create a mining rule by proceeding as follows: 3. Click on **Create** and see a line added on the rules page. 4. Click on **Simulate** to perfom role mining in a simulation. See - the[ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. + the[Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. ![Role Mining Jobs](/img/product_docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/rolemining_launchjob_v602.webp) diff --git a/docs/identitymanager/saas/user-guide/optimize/composite-role-creation/index.md b/docs/identitymanager/saas/user-guide/optimize/composite-role-creation/index.md index 142d1d1b6c..85f037a5cf 100644 --- a/docs/identitymanager/saas/user-guide/optimize/composite-role-creation/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/composite-role-creation/index.md @@ -7,8 +7,8 @@ sidebar_position: 70 # Create a Composite Role How to define composite roles in order to create sets of single roles easy to assign. See the -[ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) -and [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md)topics +[Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) +and [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md)topics for additional information. ## Overview @@ -16,7 +16,7 @@ for additional information. A composite role is a set of single roles that are usually assigned together, because they revolve around the same application, or the same job, etc. Composite roles are aggregates of single roles, they can help organize the role catalog. See the -[ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) +[Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) topic for additional information. ![Schema](/img/product_docs/identitymanager/saas/user-guide/optimize/composite-role-creation/compositeroles_applicativeroles.webp) @@ -28,7 +28,7 @@ user to perform a task, a composite role allows them to perform a job. ### Composite roles and Role Mining Composite roles can also be created based on the rules provided by Role Mining. Rules link roles to -dimensions. See the [ Perform Role Mining ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) topic for +dimensions. See the [Perform Role Mining](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) topic for additional information. The following example shows single roles from A to F. Role Mining suggested the rules on the schema, @@ -43,7 +43,7 @@ abstraction layer. Single role rules link composite roles to single roles: a single role rule states that specific single roles are assigned according to specific criteria, particularly composite roles. See the [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) -and [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md)topics +and [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md)topics for additional information. Thus, a composite role assignment can imply specific single role assignments. @@ -56,7 +56,7 @@ application's users, entitlements and data model. | ----------------------- | --------------- | | Role catalog (required) | Composite roles | -See the [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) +See the [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Create a Composite Role @@ -116,7 +116,7 @@ that. Simulations are available in order to anticipate the changes induced by a creation/modification/deletion in roles and single role rules. See the -[ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md)topic for additional information. +[Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md)topic for additional information. ## Verify Composite Role Creation @@ -132,4 +132,4 @@ parameters. ![Access Composite Roles](/img/product_docs/identitymanager/saas/user-guide/optimize/composite-role-creation/compositeroles_testroles_v602.webp) For rules, follow the instructions about assignment rules. See the -[ Automate Role Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) +[Automate Role Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) diff --git a/docs/identitymanager/saas/user-guide/optimize/hr-connector-creation/index.md b/docs/identitymanager/saas/user-guide/optimize/hr-connector-creation/index.md index bbc509a971..a95b91a9b5 100644 --- a/docs/identitymanager/saas/user-guide/optimize/hr-connector-creation/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/hr-connector-creation/index.md @@ -8,7 +8,7 @@ sidebar_position: 20 How to create a connector dedicated to the automation of identity management (creation, update, deletion), via the synchronization of HR data into Identity Manager and internal provisioning. See -the[ Connect to a Managed System ](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md)provisioning. +the[Connect to a Managed System](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md)provisioning. ## Overview @@ -34,7 +34,7 @@ as contractor data, or the projects employees are working on. This can mean that most of the time. Hence we choose to build the first iteration of the project upon a manual data upload to -[ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md). +[Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md). This way, we do not have to wait for the agent's implementation to create the first profiles and start connecting systems (AD, SAB, SAP, etc.). Thus value is created faster and we can focus on IGA @@ -68,7 +68,7 @@ This operation should be performed in cooperation with HR staff who can access H | ------------------------------- | ------------ | | Identity Repository. (required) | HR connector | -See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md)topic +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md)topic for additional information. ## Create an HR Connector @@ -76,9 +76,9 @@ for additional information. Create an HR connector by proceeding as follows: 1. Outside Identity Manager, - [ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md)of your connector. + [Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md)of your connector. 2. Declare an HR connector using your local agent. See the - [ Create the Connector ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md) topic for + [Create the Connector](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md) topic for additional information. ![HR Connector Declaration](/img/product_docs/identitymanager/saas/user-guide/optimize/hr-connector-creation/hr_connectordeclaration_v602.webp) @@ -96,7 +96,7 @@ Create an HR connector by proceeding as follows: ![HR Entity Type - Navigation Properties](/img/product_docs/identitymanager/saas/user-guide/optimize/hr-connector-creation/hr_entitytypen_v602.webp) -5. Don't forget to reload and [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) to access +5. Don't forget to reload and [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) to access HR data within Identity Manager. ![Reload](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/entitytypecreation_reload_v522.webp) diff --git a/docs/identitymanager/saas/user-guide/optimize/identity-datamodel-modification/index.md b/docs/identitymanager/saas/user-guide/optimize/identity-datamodel-modification/index.md index d67941c3dc..a6b58ebb35 100644 --- a/docs/identitymanager/saas/user-guide/optimize/identity-datamodel-modification/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/identity-datamodel-modification/index.md @@ -16,9 +16,9 @@ permissions, and only the information strictly required for this purpose. You already considered the data needed for identity management during: - The initial identities loading and the creation of the identity repository; See the - [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for + [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. -- [ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md)through connector +- [Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md)through connector modeling which is the analysis phase before connector creation; - [Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md) which is the technical implementation of the connector model. @@ -33,7 +33,7 @@ This part is about integrating these changes in the existing data model. Identity Manager calls dimensions the attributes that assignment rules rely on. They are essential criteria that differentiate users in order to give them the appropriate roles. See the -[ Conforming Assignments ](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md) +[Conforming Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md) topic for additional information. ### Personal data security @@ -48,7 +48,7 @@ Integrators are able to perform an identity update if they master the new data m | ------------------------------------------------------------------------ | --------------------------- | | Initial identities loading (required) New identity data model (required) | Updated identity data model | -See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Add or Modify Properties @@ -116,8 +116,8 @@ In order to verify the process: If the system contains numerous organizations, it is also possible to list them with their managers through the Query module. See - the[ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. + the[Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. -- [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) with indicators, for example, on the +- [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) with indicators, for example, on the number of workers per type or per organization (through Identity Manager's predefined reports, the Query module or Power BI), to ensure that Identity Manager's content sticks to reality. diff --git a/docs/identitymanager/saas/user-guide/optimize/index.md b/docs/identitymanager/saas/user-guide/optimize/index.md index 9ccf610a33..24ad16abec 100644 --- a/docs/identitymanager/saas/user-guide/optimize/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/index.md @@ -6,16 +6,16 @@ sidebar_position: 40 # Optimize -- [ Modify the Identity Data Model ](/docs/identitymanager/saas/user-guide/optimize/identity-datamodel-modification/index.md) +- [Modify the Identity Data Model](/docs/identitymanager/saas/user-guide/optimize/identity-datamodel-modification/index.md) How to make data model properties evolve according to the organization's needs. -- [ Create an HR Connector ](/docs/identitymanager/saas/user-guide/optimize/hr-connector-creation/index.md) +- [Create an HR Connector](/docs/identitymanager/saas/user-guide/optimize/hr-connector-creation/index.md) How to create a connector dedicated to the automation of identity management (creation, update, deletion), via the synchronization of HR data into Identity Manager and internal provisioning. -- [ Manage Risks ](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md) +- [Manage Risks](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md) How to use the risk management module to identify entitlement assignments that pose a security risk, especially about segregation of duties and high privileges. @@ -28,15 +28,15 @@ sidebar_position: 40 How to automate the review of non-conforming assignments through automation rules. -- [ Automate Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md) +- [Automate Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/index.md) How to automate entitlement assignment. -- [ Automate Role Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) +- [Automate Role Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md) How to manually build rules to automate the assignment of roles to identities. -- [ Perform Role Mining ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) +- [Perform Role Mining](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) How to use role mining to suggest role assignment rules based on existing assignments, in order to push the automation wall further. @@ -54,7 +54,7 @@ sidebar_position: 40 How to reduce the number of roles in the model by configuring roles with parameters. -- [ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) +- [Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) How to assess the impact of a modification on the role model, including the role catalog, role assignment rules and resource correlation rules, using a dedicated policy. diff --git a/docs/identitymanager/saas/user-guide/optimize/non-conforming-assignment-review-automation/index.md b/docs/identitymanager/saas/user-guide/optimize/non-conforming-assignment-review-automation/index.md index 62890df863..dd317596f1 100644 --- a/docs/identitymanager/saas/user-guide/optimize/non-conforming-assignment-review-automation/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/non-conforming-assignment-review-automation/index.md @@ -7,7 +7,7 @@ sidebar_position: 50 # Automate the Review of Non-conforming Assignments How to automate the review of non-conforming assignments through automation rules. See the -[ Review Non-conforming Assignments ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/index.md) +[Review Non-conforming Assignments](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/index.md) and [Automation Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/automationrule/index.md) topics for additional information. @@ -41,8 +41,8 @@ team's entitlements. | Mastered non-conforming assignment review (required) Categorized accounts (optional) | Automated assignment review | See the -[ Review Non-conforming Assignments ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/index.md) -and [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topics for additional +[Review Non-conforming Assignments](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/index.md) +and [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topics for additional information. ## Create an Automation Rule @@ -80,8 +80,11 @@ will be applied. - Workflow State — Workflow state of the assignments that need a decision. - Waiting Period — Time period since the last change in the assignments' workflow states. -_Remember,_ in a nutshell, this rule applies Decision to all assignments of Type (and matching all +:::tip +Remember, in a nutshell, this rule applies Decision to all assignments of Type (and matching all criteria), whose workflow state has been set to Workflow State for more than Waiting Period. +::: + ## Impact of Modifications diff --git a/docs/identitymanager/saas/user-guide/optimize/parameterized-role/index.md b/docs/identitymanager/saas/user-guide/optimize/parameterized-role/index.md index 36d79e34a6..d68a0e60dc 100644 --- a/docs/identitymanager/saas/user-guide/optimize/parameterized-role/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/parameterized-role/index.md @@ -12,7 +12,7 @@ How to reduce the number of roles in the model by configuring roles with paramet The assignment of a role to a user gives them an entitlement, usually a group membership, thanks to a navigation rule. See the -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for +[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ![Simple Role](/img/product_docs/identitymanager/saas/user-guide/optimize/parameterized-role/parameterizedroles_simplerole.webp) @@ -22,7 +22,7 @@ roles. For example, the SAP role can be given with slight differences according to the users' subsidiaries: -> ![Role Matrix](/img/product_docs/identitymanager/saas/user-guide/optimize/parameterized-role/parameterizedroles_numerousroles.webp) +**> ![Role Matrix](/img/product_docs/identitymanager/saas/user-guide/optimize/parameterized-role/parameterizedroles_numerousroles.webp)** In order to reduce the number of roles, we can configure roles with parameters by inserting a criterion in the navigation rules. Thus, instead of having as many roles as entitlements (left on @@ -46,7 +46,7 @@ types instead of entitlements. Configure a parametrized role by proceeding as follows: **Step 1 –** Create in XML a dimension corresponding to the parameter that will affect the role. See -the [ Dimension ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) +the [Dimension](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/dimension/index.md) topic for additional information. For example, let's consider that we have many roles available on three different time slots: 8 hours @@ -74,10 +74,14 @@ Here we have three navigation rules, one for each distinct time slot (dimension ![Example - Rule](/img/product_docs/identitymanager/saas/user-guide/optimize/parameterized-role/parameterizedrole_examplerule_v603.webp) -**NOTE:** Make sure that the corresponding dimension is specified in the right `DisplayEntityType` +:::note +Make sure that the corresponding dimension is specified in the right `DisplayEntityType` in XML to be displayed in the UI. +::: -**NOTE:** It is important to note that for manually assigned roles, if a new dimension is added to + +:::note +It is important to note that for manually assigned roles, if a new dimension is added to the definition of the role, the assignment's dimension will not be re-calculated, and will therefore not be propagated to calculate automatic assignments. Example Scenario — Role A was created as a composite role with no parameters a long time ago. Role A @@ -89,6 +93,8 @@ not get the role B. Since the modification occurred after the assignment, it is role was assigned voluntarily with dimension X unset. However, if a user got role A assigned after the modification, and its dimension X was equal to value Y, then that user would get the role B. +::: + ![Example - Role Parameter Required](/img/product_docs/identitymanager/saas/user-guide/optimize/parameterized-role/parameterizedrole_exampleroleparameter_v603.webp) @@ -115,7 +121,7 @@ script in the command line. In order to verify the process, request manually the parametrized role for a test user. Some additional pop-ups are displayed to set a value for the role's parameter. See the -[ Request Entitlement Assignment ](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md) topic for +[Request Entitlement Assignment](/docs/identitymanager/saas/user-guide/administrate/manual-assignment-request/index.md) topic for additional information. In our example: diff --git a/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md b/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md index ee9aba9e98..4ac79fd288 100644 --- a/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md @@ -15,8 +15,8 @@ for additional information. A policy is a subgroup of the role model. It defines an ensemble of roles and assignment rules that apply to specific identities. So policies are used to handle separately several sets of identities, based on dimensions with different permissions and workflows. See the -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) and -[ Conforming Assignments ](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md)topics +[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) and +[Conforming Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md)topics for additional information. Integrators must minimize the number of policies because it segments identities, and segmentation @@ -26,8 +26,11 @@ means, for example, one policy for workers (meaning employees and contractors), partners, another one for clients. But sometimes partners are included in the same policy as workers, it depends on the organization. -**NOTE:** Netwrix Identity Manager (formerly Usercube) provides a default policy. Only when the +:::note +Netwrix Identity Manager (formerly Usercube) provides a default policy. Only when the project is mature enough should integrators think about creating additional policies. +::: + ## Participants and Artifacts @@ -37,7 +40,7 @@ Integrators must have the knowledge of the organization strategy towards identit | ------------------------ | ------ | | Resource type (optional) | Policy | -See the [ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) +See the [Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional information. ## Create a Policy @@ -88,8 +91,11 @@ The UI elements are identified as follows: - Always — The assignment's end date is always locked according to the applicable context rule - Dimensions — Criteria that, if met, trigger the membership of given identities to the policy -**NOTE:** What we call another IGA tool can be another application or even another version of +:::note +What we call another IGA tool can be another application or even another version of Identity Manager. +::: + **Step 4 –** Click on **Create**. diff --git a/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md b/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md index 9cc20774b6..e055f614f3 100644 --- a/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md @@ -6,13 +6,13 @@ sidebar_position: 30 # Manage Risks -How to use the [ Risk Management ](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) module to +How to use the [Risk Management](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) module to identify entitlement assignments that pose a security risk, especially about segregation of duties and high privileges. ## Overview -A [ Risk ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) +A [Risk](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/risk/index.md) describes a sensitive situation in which entitlement assignments need to be monitored for security purposes. Examples include: @@ -20,12 +20,12 @@ purposes. Examples include: the same identity. - High privilege: a particularly sensitive entitlement. -[ Risk Management ](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) is essential to auditing. +[Risk Management](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) is essential to auditing. Among other things, it allows auditors to: - Identify the identities representing the highest security risk. - Compute the corresponding risk score. -- Schedule and [ Perform Access Certification ](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md) +- Schedule and [Perform Access Certification](/docs/identitymanager/saas/user-guide/administrate/access-certification/index.md) accordingly. Using risks involves three steps: @@ -44,8 +44,8 @@ assess risks inherent to entitlements. | ------------------------------------------------------ | ------------- | | Identity repository (required) Role catalog (required) | Risks catalog | -See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) and -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topics for +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) and +[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topics for additional information. ## Create a Risk @@ -75,7 +75,7 @@ Create a risk by proceeding as follows: - `Remediation`: potential alternative solutions that will be displayed with the exemption policy message. - `Exemption Policy` See the - [ Risk Management ](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) topic for additional + [Risk Management](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) topic for additional information. - `Type` - `Level`: risk level that is used to compute risk scores. @@ -87,7 +87,7 @@ Create a risk by proceeding as follows: When risks are based on the exemption policy called **Approval required**, the corresponding role requests appear on the **Role Review** screen with a specific workflow state. See below this note. See the - [ Reconcile a Role ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) + [Reconcile a Role](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) topic for additional information. ![Risk Icon](/img/product_docs/identitymanager/saas/user-guide/optimize/risk-management/riskmanagement_workflowstate_v523.webp) @@ -110,7 +110,7 @@ Create a risk by proceeding as follows: > `DL-INTERNET-Restricted` as a value of the `memberOf` property. 4. Choose the resource type to be targetted by the risk. See the - [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. + [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. > We choose `AD User (administration)` to prevent this situation from happening in our example. @@ -120,7 +120,7 @@ Create a risk by proceeding as follows: 6. Choose a value for this navigation property. The value would be a resource from the unified resource repository. See the - [ Identity Management ](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) topic + [Identity Management](/docs/identitymanager/saas/introduction-guide/overview/identity-management/index.md) topic for additional information. > The group `DL-INTERNET-Restricted` in our example. @@ -169,7 +169,7 @@ be blocked. The deletion of a risk simply triggers the computation of risk scores during the next `Compute Risk Scores` task, and removes any exemption policy steps in an assignment request. See the -[ Risk Management ](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) topic for additional +[Risk Management](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) topic for additional information. ## Verify Risk Management @@ -179,6 +179,6 @@ the created risk, and check the consequences: - The message displayed at the end of the entitlement request must correspond to the configuration of the exemption policy. See the - [ Risk Management ](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) topic for additional + [Risk Management](/docs/identitymanager/saas/integration-guide/governance/risks/index.md) topic for additional information. - Once the entitlement is assigned, a line must appear on the **Identified Risks** page. diff --git a/docs/identitymanager/saas/user-guide/optimize/simulation/index.md b/docs/identitymanager/saas/user-guide/optimize/simulation/index.md index 5bb2812ce9..32af5d23a1 100644 --- a/docs/identitymanager/saas/user-guide/optimize/simulation/index.md +++ b/docs/identitymanager/saas/user-guide/optimize/simulation/index.md @@ -9,8 +9,8 @@ sidebar_position: 90 How to assess the impact of a modification on the role model, including the role catalog, role assignment rules and resource correlation rules, using a dedicated [Create a Policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md). See the -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md), -[ Automate Role Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md)[ Correlate Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md), +[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md), +[Automate Role Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md)[Correlate Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md), and [Create a Policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md) topics for additional information. ## Overview @@ -22,21 +22,21 @@ involve: - Correlation rules and classification Rule; - Scalar rules and navigation rules; - Resource Type rules; -- [ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) +- [Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) and - [ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md); + [Composite Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md); - [Single Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerolerule/index.md) and [Composite Role Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerolerule/index.md). -See the [ Correlate Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md) -[ Resource Classification Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md), +See the [Correlate Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md) +[Resource Classification Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md), and [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topics for additional information. A simulation can also be created by the -[ Perform Role Mining ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) for the automation of role +[Perform Role Mining](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/role-mining/index.md) for the automation of role assignments. Through simulation, integrators can: @@ -60,9 +60,9 @@ Integrators are able to perform simulation if they master the new role model. | -------------------------------------------------------------------------------------------- | ------------------ | | Role catalog (optional) Automate Role Assignments (optional) Categorize Resources (optional) | Updated role model | -See the [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md), -[ Automate Role Assignments ](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md), and -[ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topics for additional information. +See the [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md), +[Automate Role Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/automate-role-assignment/index.md), and +[Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topics for additional information. ## Launch a Simulation @@ -116,7 +116,7 @@ After all needed changes have been simulated, you can decide to apply or cancel Then, the simulation is no longer active. Clicking on **Apply** applies the simulated changes to the role model. You need to launch the -[ Compute Role Model Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) +[Compute Role Model Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/computerolemodeltask/index.md) to observe the actual changes in users' entitlements. ## Impact of Modifications diff --git a/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md b/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md index 95aee1f6d3..8e19ca3878 100644 --- a/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md @@ -7,9 +7,9 @@ sidebar_position: 30 # Classify Resources How to define -[ Resource Classification Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) +[Resource Classification Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourceclassificationrule/index.md) in order to classify remaining uncorrelated resources, assigning them resource types. See the -[ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional information. +[Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional information. ## Overview @@ -17,7 +17,7 @@ in order to classify remaining uncorrelated resources, assigning them resource t Classification is the process of putting on an existing resource a label called resource type, to show its intent and/or purpose within the managed system. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) +[Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Every resource type can be assigned a set of classification rules. @@ -103,7 +103,7 @@ application users, entitlements and data model. | Input | Output | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | -| [ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) (required) [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) (required) [ Correlate Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md) (recommended) | Classification rules | +| [Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) (required) [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) (required) [Correlate Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md) (recommended) | Classification rules | ## Create a Classification Rule @@ -160,7 +160,7 @@ screen) can have their classification questioned and re-computed. Simulations are available in order to anticipate the changes induced by a creation/modification/deletion in classification rules. See the -[ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. +[Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. Any modification in classification rules is taken into account via the classification job: on the connector dashboard and in the **Resource Types** frame, click on **Jobs** > **Classify Resource diff --git a/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md b/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md index 6303a4943d..bb367474e7 100644 --- a/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Correlate Resources How to define the -[ Resource Correlation Rule ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) +[Resource Correlation Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcecorrelationrule/index.md) to match up resources across systems, usually accounts with their owner. ## Overview @@ -15,10 +15,7 @@ to match up resources across systems, usually accounts with their owner. ### Correlation purpose Correlation is the process of establishing an ownership relationship between a source resource -(usually an identity) and a target resource (usually an account). It is the basis of the link -between an identity and their fine-grained entitlements. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) -topic for additional information. +(usually an identity) and a target resource (usually an account). It is the basis of the link between an identity and their fine-grained entitlements. See the [Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. Every resource type can be assigned a set of correlation rules. @@ -119,10 +116,10 @@ application users, entitlements and data model. | Input | Output | | -------------------------------------------------------------------------------------------------------------------------- | ----------------- | -| Identity repository ( (required) Resource types (required) [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) (required) | Correlation rules | +| Identity repository (required) Resource types (required) [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) (required) | Correlation rules | -See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) and -[ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) topics for additional information. +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) and +[Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) topics for additional information. ## Create a Correlation Rule @@ -147,11 +144,8 @@ Fill a resource type with a correlation rule by proceeding as follows: ![New Correlation Rule Fields](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/correlation/resourcetype_newcorrelrulefields_v602.webp) - **Source Object**: at least one property from the source system that is going to be linked to - a given target object. Can be defined by a property path and/or an - [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md). - - **Target Object**: one property from the managed system that is going to be linked to a given - source object. Can be defined by a property path and/or an - [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md). + a given target object. Can be defined by a property path and/or an [Expression](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md). + - **Target Object**: one property from the managed system that is going to be linked to a given source object. Can be defined by a property path and/or an [Expression](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md). - `Confidence Rate`: rate expressing the rule's reliability, and its priority order. > In this example, a person via their login and name, is the owner of a nominative AD > account via its `sAMAccountName` attribute and display name: @@ -178,9 +172,7 @@ can have their correlation and classification re-computed. Even without selecting an owner, reviewing unauthorized accounts on the **Resource Reconciliation** screen "blocks" correlation and classification "as is". Neither will be re-computed. -Simulations are available in order to anticipate the changes induced by a -creation/modification/deletion in correlation rules. See the -[ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. +Simulations are available in order to anticipate the changes induced by a creation/modification/deletion in correlation rules. See the [Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. Any modification in correlation rules is taken into account via the following jobs: on the connector dashboard and in the **Resource Types** frame, click on **Jobs** > **Prepare Correlation Keys**, and @@ -190,10 +182,7 @@ then on **Jobs** > **Compute Role Model**. ## Verify Correlation -In order to verify the process, check the list of -[Review Orphaned and Unused Accounts](/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md) -and analyze them to look for patterns revealing correlation issues. To do so, click on the target -entity type(s) affected by your rule(s) in the left menu of the home page. +In order to verify the process, check the list of [Review Orphaned and Unused Accounts](/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md) and analyze them to look for patterns revealing correlation issues. To do so, click on the target entity type(s) affected by your rule(s) in the left menu of the home page. ![Test Entity Type](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/classification/entitytypecreation_test_v602.webp) diff --git a/docs/identitymanager/saas/user-guide/set-up/categorization/index.md b/docs/identitymanager/saas/user-guide/set-up/categorization/index.md index d5603c145d..ac7ba405f7 100644 --- a/docs/identitymanager/saas/user-guide/set-up/categorization/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/categorization/index.md @@ -6,8 +6,7 @@ sidebar_position: 80 # Categorize Resources -How to correlate managed systems' resources with identities, classifying resources into -[ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md). +How to correlate managed systems' resources with identities, classifying resources into [Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md). ## Overview @@ -45,19 +44,14 @@ Thus, a resource type is a name that informs users about the intent of a resourc it serves to implement our two elements of categorization. This happens with two distinct sets of rules, one for correlation, and the other for classification. -**Classification** is a process that simply aims to assign a resource type to specific resources. A -specific resource can only be assigned a single resource type. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) -topic for additional information. +**Classification** is a process that simply aims to assign a resource type to specific resources. A specific resource can only be assigned a single resource type. See the [Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. ![Classification Schema](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/categorization_classifschema.webp) Any resource that is unclassified will not be available for review. **Correlation** is a process that aims to establish an ownership relationship between two resources. -In most cases, an identity resource that becomes the owner of an account resource. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) -topic for additional information. +In most cases, an identity resource that becomes the owner of an account resource. See the [Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. ![Correlation Schema](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/categorization_correlschema.webp) @@ -98,11 +92,9 @@ As stated previously, both classification and correlation work through sets of r Sometimes you may not know if your rules are always going to apply. Therefore, each rule expresses a certain level of confidence. Identity Manager will establish a priority order between rules based on the confidence rate, and will also act differently depending on whether the confidence rate is above -or below 100%. See the [ Correlate Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md) topic for additional -information. +or below 100%. See the [Correlate Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md) topic for additional information. -A resource type can have zero correlation rules, since accounts can be without owners. But a -resource type with neither correlation nor classification rules serves no purpose. +A resource type can have zero correlation rules, since accounts can be without owners. But a resource type with neither correlation nor classification rules serves no purpose. **Correlation triggers classification:** a matching correlation rule for a given resource type will perform both actions of categorization: both correlating a resource with its owner, and classifying @@ -110,25 +102,16 @@ the resource at the same time. See below this note. -Hence, integrators should start with correlation rules, and then write classification rules for any -remaining uncorrelated resources. +Hence, integrators should start with correlation rules, and then write classification rules for any remaining uncorrelated resources. In the same way, Identity Manager will apply correlation rules before classification rules. ![Categorization Schema](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/categorization_categschema.webp) -Now that you have created resource types and their correlation/classification rules, you have -created the first elements for your role model. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) -topic for additional information. The role model contains all the roles and rules which drive the -entitlement assignment logic inside Identity Manager. +Now that you have created resource types and their correlation/classification rules, you have created the first elements for your role model. See the [Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. The role model contains all the roles and rules which drive the entitlement assignment logic inside Identity Manager. -A role model is made up of -[Policy](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md) which -contain roles, rules and resource types. Most often the default policy is enough. However, in more -complex situations, additional policies can be created to separate groups of roles, rules and -resource types. See the [Create a Policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md) topic for -additional information. +A role model is made up of [Policy](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/policy/index.md) which contain roles, rules and resource types. Most often the default policy is enough. However, in more +complex situations, additional policies can be created to separate groups of roles, rules and resource types. See the [Create a Policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md) topic for additional information. ## Participants and Artifacts @@ -137,25 +120,20 @@ application's users, entitlements and data model. | Input | Output | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------- | -| [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) (required) [ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) (required) [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) (required) | Categorized resources Correlated accounts Orphaned account list | +| [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) (required) [Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) (required) [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) (required) | Categorized resources Correlated accounts Orphaned account list | ## Categorize Resources Categorize resources by proceeding as follows: -1. Create at least one [ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md); -2. Create the appropriate [ Correlate Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md); -3. Create the appropriate [ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) for accounts that do not - have an owner. +1. Create at least one [Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md); +2. Create the appropriate [Correlate Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md); +3. Create the appropriate [Classify Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) for accounts that do not have an owner. -Netwrix Identity Manager (formerly Usercube) recommends creating/modifying/deleting correlation and -classification rules using [ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) in order to -previsualize changes. +Netwrix Identity Manager (formerly Usercube) recommends creating/modifying/deleting correlation and classification rules using [Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) in order to previsualize changes. ## Next Steps -Once accounts are categorized, integrators can start to -[ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md). +Once accounts are categorized, integrators can start to [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md). -Categorization also enables the -[Review Orphaned and Unused Accounts](/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md). +Categorization also enables the [Review Orphaned and Unused Accounts](/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md). diff --git a/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md b/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md index 3199a71f7b..4a1b11d459 100644 --- a/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md @@ -6,15 +6,12 @@ sidebar_position: 10 # Create a Resource Type -How to create the container for future correlation and classification rules inside a given managed -system. +How to create the container for future correlation and classification rules inside a given managed system. ## Overview -A -[Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) -is created to highlight differences in intent between resources. It materializes the organization's -profiles. In a given managed system, different types of resources have different security needs. +A [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) +is created to highlight differences in intent between resources. It materializes the organization's profiles. In a given managed system, different types of resources have different security needs. > For example, can usually be found: > @@ -28,46 +25,30 @@ profiles. In a given managed system, different types of resources have different In practice, a specific resource type is created for a given resource when there are differences in: - the owner type (for example worker, partner, customer, application, robot, etc.); -- the required set of classification and/or correlation rules; See the - [ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md), and - [ Correlate Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md) topics for additional information. -- the approval circuit for a resource's modification or assignment, i.e. the number of required - approvals, validators, etc.; -- the type of provisioning (manual or automatic). See the - [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) topic for additional information. +- the required set of classification and/or correlation rules; See the [Classify Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md), and [Correlate Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md) topics for additional information. +- the approval circuit for a resource's modification or assignment, i.e. the number of required approvals, validators, etc.; +- the type of provisioning (manual or automatic). See the [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) topic for additional information. ### Source vs. target resource -Resource types are the vessel for ownership relationships. They involve the definition of source and -target objects chosen from among the properties of existing entity types. The source (usually -identities) is the owner of the target (usually resources from your managed systems, such as a -nominative AD account). This relationship is the basis for correlation as much as for future -provisioning. See the [Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md), -[ Correlate Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md), -and[Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) topics for additional information. +Resource types are the vessel for ownership relationships. They involve the definition of source and target objects chosen from among the properties of existing entity types. The source (usually identities) is the owner of the target (usually resources from your managed systems, such as a nominative AD account). This relationship is the basis for correlation as much as for future provisioning. See the [Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md), [Correlate Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md), and [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) topics for additional information. -See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) -topic for additional information. +See the [Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. ## Participants and Artifacts -For a given managed system, integrators may need the help of the application owner who knows the -application users, entitlements and data model. +For a given managed system, integrators may need the help of the application owner who knows the application users, entitlements and data model. | Input | Output | | --------------------------------------------------------------------------------------- | ------------- | | Identity repository (optional) Target connector (required) Synchronized data (optional) | Resource type | -See the -[ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md)[ Connect to a Managed System ](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md), -and [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topics for additional information. +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md), [Connect to a Managed System](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md), +and [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) topics for additional information. ## Create a Resource Type -A new resource type requires an existing entity type. See the -[Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md) topic for additional -information. +A new resource type requires an existing entity type. See the [Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md) topic for additional information. Create a resource type by proceeding as follows: @@ -76,8 +57,7 @@ Create a resource type by proceeding as follows: ![Addition Icon](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/classification/iconadd_v602.svg) Resource types can also be created through the **Access Roles** screen (accessible from the home - page, in the **Configuration** section), using the **+ New** button and selecting - `Resource Type` in the first field called `Type`. + page, in the **Configuration** section), using the **+ New** button and selecting `Resource Type` in the first field called `Type`. ![Home - Access Roles](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/home_roles_v602.webp) @@ -85,49 +65,22 @@ Create a resource type by proceeding as follows: ![New Resource Type](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/resourcetype_newresourcet_v603.webp) - - `Identifier`: must be unique among resource types, without any whitespace, and be - C#-compatible. + - `Identifier`: must be unique among resource types, without any whitespace, and be C#-compatible. [See Microsoft lexical structure](https://learn.microsoft.com/en-us/dotnet/csharp/language-reference/language-specification/lexical-structure#see-microsoft-lexical-structure). - `Name`: will be displayed in the UI to identify the resource type. - `Policy`: [policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md) in which the resource type exists. - - `Source Entity Type`: entity type (from any existing connector) used to fill the target entity - type. - - `Target Entity Type`: entity type (part of the connector) to be filled with the source entity - type. - - `Category`: category assigned to the resource type. It can be chosen from among the existing - categories or [created](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) directly from the - categories list by clicking on the **+ Category** button. - - `Approval Workflow`: represents the number of validations required to assign a resource from - this type to an identity. - - `Approve Role Implicitly`: relevant only for workflows with at least a simple approval - process. `Implicit` mode bypasses the approval step(s) if the person who issues the role - request is also the role officer. `Explicit` refuses said bypass. `Inherited` follows the - policy decision to approve role implicitly or not. See the - [Create a Policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md) topic for additional - information. - - `Prolongation without a new approval workflow`: enables the resource type to have its - assignment's end date postponed without any validation. `Inherited` follows the policy - decision to enable this option or not. See the - [Create a Policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md) topic for additional - information. - - `Hide in Simplified View`: hides the role from the users' **Simplified View** in **View - Permissions** dialog. This setting does not apply to roles which are either inferred or have - workflow states which require manual action. - - `Arguments Expression`: when using a connection for automatic provisioning, C# expression used - to compute a dictionary of strings in order to compute the arguments of - [provisioning](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) orders, such as the identifier of - the workflow to launch within Identity Manager, or the identifier of the user's record to - copy. See the [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) topic for additional - information. - - `Allow Addition`: enables Identity Manager to automatically create new resources in the - managed system when their owners are given the right entitlements. Otherwise, resource - managers must create resources manually directly in the managed system. - - > Consider a role `SAP` which assigns an SAP account to a user. Consider also that SAP - > accounts are configured with `Allow Addition` disabled. In this case, if we give the role - > `SAP` to a user, then said user doesn't automatically receive an SAP account. The relevant - > resource manager must create an account for said user in the SAP application. + - `Source Entity Type`: entity type (from any existing connector) used to fill the target entity type. + - `Target Entity Type`: entity type (part of the connector) to be filled with the source entity type. + - `Category`: category assigned to the resource type. It can be chosen from among the existing categories or [created](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) directly from the categories list by clicking on the **+ Category** button. + - `Approval Workflow`: represents the number of validations required to assign a resource from this type to an identity. + - `Approve Role Implicitly`: relevant only for workflows with at least a simple approval process. `Implicit` mode bypasses the approval step(s) if the person who issues the role request is also the role officer. `Explicit` refuses said bypass. `Inherited` follows the policy decision to approve role implicitly or not. See the [Create a Policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md) topic for additional information. + - `Prolongation without a new approval workflow`: enables the resource type to have its assignment's end date postponed without any validation. `Inherited` follows the policy decision to enable this option or not. See the [Create a Policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md) topic for additional information. + - `Hide in Simplified View`: hides the role from the users' **Simplified View** in **View Permissions** dialog. This setting does not apply to roles which are either inferred or have workflow states which require manual action. + - `Arguments Expression`: when using a connection for automatic provisioning, C# expression used to compute a dictionary of strings in order to compute the arguments of [provisioning](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) orders, such as the identifier of the workflow to launch within Identity Manager, or the identifier of the user's record to copy. See the [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) topic for additional information. + - `Allow Addition`: enables Identity Manager to automatically create new resources in the managed system when their owners are given the right entitlements. Otherwise, resource managers must create resources manually directly in the managed system. + + > Consider a role `SAP` which assigns an SAP account to a user. Consider also that SAP accounts are configured with `Allow Addition` disabled. In this case, if we give the role `SAP` to a user, then said user doesn't automatically receive an SAP account. The relevant resource manager must create an account for said user in the SAP application. - `Allow Removal`: enables Identity Manager to automatically deprovision resources in the managed system when their owners are deprived of the right entitlements. Otherwise, Identity @@ -150,9 +103,7 @@ Create a resource type by proceeding as follows: their owner is deleted. Otherwise, said resources are displayed on the **Resource Reconciliation** screen. Can be activated only if `Allow Removal` is activated too. - `Require Provisioning Review`: forces an additional mandatory review of all provisioning - orders for the resource type (on the - [ Review Provisioning ](/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md) - screen). + orders for the resource type (on the [Review Provisioning](/docs/identitymanager/saas/user-guide/administrate/provisioning/provisioning-review/index.md) screen). > Consider AD accounts. While nominative accounts can be provisioned without specific > precautions (option set to `No`), administrator accounts sometimes require an additional diff --git a/docs/identitymanager/saas/user-guide/set-up/configure-global-settings/index.md b/docs/identitymanager/saas/user-guide/set-up/configure-global-settings/index.md index 81c432e9ea..9ad735cf64 100644 --- a/docs/identitymanager/saas/user-guide/set-up/configure-global-settings/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/configure-global-settings/index.md @@ -30,7 +30,7 @@ The customization includes the following: It presents the languages in which the application can be displayed. In the above example you have English-United States and French-France. -See the [ Languages ](/docs/identitymanager/saas/integration-guide/toolkit/languages/index.md) topic for additional +See the [Languages](/docs/identitymanager/saas/integration-guide/toolkit/languages/index.md) topic for additional information. ### Features diff --git a/docs/identitymanager/saas/user-guide/set-up/configure-workflows/index.md b/docs/identitymanager/saas/user-guide/set-up/configure-workflows/index.md index f95969c9e6..26961fa428 100644 --- a/docs/identitymanager/saas/user-guide/set-up/configure-workflows/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/configure-workflows/index.md @@ -24,7 +24,7 @@ Usually, using one of these workflows means: 2. if needed, sending the request of user creation for review by a knowledgeable user. See how to -[ Update an Individual Identity ](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md)in +[Update an Individual Identity](/docs/identitymanager/saas/user-guide/maintain/identity-data-modification/individual-update/index.md)in Identity Manager. ### User Creation Review @@ -59,7 +59,7 @@ process and homonym detection during users' onboarding. | ------------------------------ | ----------------------------- | | Identity repository (required) | Adjusted Onboarding Workflows | -See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for +See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. ## Configure Onboarding Workflows diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md index 6fbab3628c..385041080a 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md @@ -7,9 +7,9 @@ sidebar_position: 30 # Create a Connection How to create a -[ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) +[Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) inside a -[ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) +[Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) and choose the appropriate package. ## Overview @@ -18,7 +18,7 @@ A connection is the information that allows to connect to a managed system, whic credentials and path. There is a minimum of one connection per connector. In many cases, there is one connection -to[ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md)and one connection for +to[Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md)and one connection for [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md). A connection is associated with a package, representing the technology to use for the data transfer. @@ -32,8 +32,8 @@ purpose of the application. | ------------------------------------------------------- | ------------- | | Connector container(required) Connector model(required) | Connection(s) | -See the [ Create the Connector ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md) and -[ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) topics for additional information. +See the [Create the Connector](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md) and +[Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) topics for additional information. ## Create a Connection @@ -71,7 +71,7 @@ A package is chosen according to the following constraints: performed for real-time needs, while complete synchronizations, scheduled no more than once a day, will recover any changes that may have slipped through the cracks of the incremental synchronizations. See the - [ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) + [Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. - Do we need [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md)? If so, should provisioning be @@ -142,7 +142,7 @@ In order to verify the process: ![Check Connection](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/connectioncreation_checkconnection_v602.webp) Some connectors have both incremental and complete setting modes. See the - [ Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md)topic for additional + [Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md)topic for additional information. They are relatively independent so they both need to be tested. 2. check that the connection appears in the **Connections** frame with the right options, and diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md index 4486cd03d5..d19a5c2e4f 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md @@ -6,8 +6,7 @@ sidebar_position: 20 # Create the Connector -How to declare the technical container of a -[ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md). +How to declare the technical container of a [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md). ## Overview @@ -17,14 +16,11 @@ related to a single managed system. Keep in mind that a Identity Manager installation can have more than one agent. Connectors should be created with a specific agent in mind since the agent needs to physically connect to the managed system's data. Fortunately, you don't need to worry about that right now, since you are starting -with the agent provided with Identity Manager's SaaS environment. See the -[ Architecture ](/docs/identitymanager/saas/introduction-guide/architecture/index.md) topic for additional -information. +with the agent provided with Identity Manager's SaaS environment. See the [Architecture](/docs/identitymanager/saas/introduction-guide/architecture/index.md) topic for additional information. ## Participants and Artifacts -For a given managed system, integrators may need the help of the application owner who knows the -purpose of the application. +For a given managed system, integrators may need the help of the application owner who knows the purpose of the application. | Input | Output | | ----- | --------------- | @@ -53,10 +49,10 @@ Create a connector container by proceeding as follows: Netwrix Identity Manager (formerly Usercube)recommends choosing the provided SaaS agent. - - `Complete Job`: [ Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) scheduled to + - `Complete Job`: [Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) scheduled to perform a set of tasks, including completesynchronization and/or provisioning for all the connectors, for which you selected the corresponding checkbox. - - `Incremental Job`: [ Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) scheduled + - `Incremental Job`: [Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) scheduled to perform frequently a set of tasks, including incrementalsynchronization and/or provisioning for all the connectors, for which you selected the corresponding checkbox. diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md index 236501b5e3..ddd8c68edd 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md @@ -295,7 +295,7 @@ In further steps, you will be able to define one resource type per account type a role for assignment and provisioning. **Roles:** During -the[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md)step for this +the[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md)step for this connector you can build roles based on the group-membership system represented by users and profiles. Thus you will create navigation rules to represent the link between users and profiles. diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md index 0c6875935b..68ae2149c7 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md @@ -26,8 +26,8 @@ in alphabetic order. Organize resources' datasheets by proceeding as follows: 1. Start by creating the entity type with its scalar properties and keys. See the - [ Define Scalar Properties ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) and - [ Select Primary Keys ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) topics for additional information. + [Define Scalar Properties](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) and + [Select Primary Keys](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) topics for additional information. 2. Ensure that the created properties are saved by clicking on **Save & Close** > **Save** at the top right corner. 3. On the entity type's definition page, click on the **Display** tab. @@ -61,7 +61,7 @@ Organize resources' datasheets by proceeding as follows: 6. Click on **Save & Close**. Changes in display groups won't take effect until the next - [ Update Entity Property Expressions Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) + [Update Entity Property Expressions Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) runs. ## Reload diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md index 4419c1e345..935b6c2ea8 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md @@ -6,8 +6,7 @@ sidebar_position: 50 # Set Resources' Display Names -How to change the value of the display name for resources of an -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). +How to change the value of the display name for resources of an [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). ## Overview @@ -25,18 +24,13 @@ first scalar property after alphabetizing all the properties whose name contains Set the resource's display name by proceeding as follows: -1. Start by creating the entity type with its calar properties and keys. See the - [ Define Scalar Properties ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) and - [ Select Primary Keys ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) topics for additional information. -2. Ensure that the created properties are saved by clicking on **Save & Close** > **Save** at the - top right corner. +1. Start by creating the entity type with its calar properties and keys. See the [Define Scalar Properties](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) and [Select Primary Keys](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) topics for additional information. +2. Ensure that the created properties are saved by clicking on **Save & Close** > **Save** at the top right corner. 3. On the entity type's definition page, click on the **Settings** tab. ![Display Name - Property Path](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/entitytypecreation_displayname_v603.webp) -4. Set the display name. As a display name, you can use either the value of an existing property, or - compute [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) based on - existing properties. +4. Set the display name. As a display name, you can use either the value of an existing property, or compute [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md) based on existing properties. > A resource from `AD - Entry` can be displayed using its `userPrincipalName` with predefined > functions. @@ -53,11 +47,7 @@ Set the resource's display name by proceeding as follows: 5. Click on **Save & Close**. - Changes inside connectors won't take effect until the next - [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md). More specifically, changes in display - names won't take effect until the next - [ Update Entity Property Expressions Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) - runs. + Changes inside connectors won't take effect until the next [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md). More specifically, changes in display names won't take effect until the next [Update Entity Property Expressions Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/server/updateentitypropertyexpressionstask/index.md) runs. ## Reload @@ -78,5 +68,4 @@ If no property appears in the display name auto-completion, then: ![No Property](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/entitytypecreation_troubleprop_v602.webp) -Ensure that the created properties are saved by clicking on **Save & Close** > **Save** at the top -right corner of the screen. +Ensure that the created properties are saved by clicking on **Save & Close** > **Save** at the top right corner of the screen. diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md index eaf8fc653b..6f9377c971 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md @@ -6,15 +6,11 @@ sidebar_position: 10 # Create the Entity Type -How to create the technical container of an -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). +How to create the technical container of an [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md). ## Overview -Here, you will learn how to create an -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md): -the shell that harbors the (scalar and navigation) properties which describe a given set of -resources related to one managed system. +Here, you will learn how to create an [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md): the shell that harbors the (scalar and navigation) properties which describe a given set of resources related to one managed system. ## Create the Entity Type @@ -58,8 +54,7 @@ Create the entity type by proceeding as follows: ## Next Steps -To continue,[ Define Scalar Properties ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)for this entity -type. +To continue, [Define Scalar Properties](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)for this entity type. ## Troubleshooting @@ -70,18 +65,13 @@ If there are no connection tables available in the **Source** dropdown list of a Ensure that there are existing connections: - if this is the case, then click on **Refresh all schemas** on the connector page, and verify that - there is no error. See the [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md) topic for - additional information. + there is no error. See the [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md) topic for additional information. - if not, then you must create at least one connection. If there is a message stating to refresh the connection's schema, then: ![No Connection Table Error](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/entitytypecreation_troubleshootingschema_v603.webp) -Start by making sure that the connection's schema is refreshed by clicking on **Refresh all -schemas** on the connector page, and verify that there is no error. +Start by making sure that the connection's schema is refreshed by clicking on **Refresh all schemas** on the connector page, and verify that there is no error. -If the message is still displayed, then it means that the previously selected connection table no -longer exists in the managed system. In this case, either the table's name simply changed, or the -table is not relevant anymore. Then you should find a relevant table in the **Source** dropdown -list. +If the message is still displayed, then it means that the previously selected connection table no longer exists in the managed system. In this case, either the table's name simply changed, or the table is not relevant anymore. Then you should find a relevant table in the **Source** dropdown list. diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md index d58c457e0d..0d840cf533 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md @@ -6,59 +6,45 @@ sidebar_position: 40 # Create an Entity Type -How to create an -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) -that corresponds to the connector model. +How to create an [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) that corresponds to the connector model. ## Overview An entity type is a model of a managed system's data. It defines the shape of the associated -resources (instances of said model) and not the intent (that would be a resource type. See the -[ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) topic for -additional information. It defines a set of properties describing said resources and linking them -together. +resources (instances of said model) and not the intent (that would be a resource type). See the [Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional information. It defines a set of properties describing said resources and linking them together. In other words, an entity type is supposed to model the representation of a certain group of -resources inside Identity Manager. It is a relational model, made of properties -([ Define Scalar Properties ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)) and links between entity types -([ Define Navigation Properties ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md)), both described later. +resources inside Identity Manager. It is a relational model, made of properties ([Define Scalar Properties](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)) and links between entity types ([Define Navigation Properties](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md)), both described later. ![Entity Type - Schema](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entitytypecreation_schema.webp) -The configuration of entity types depends entirely on the previously established -by[ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md). +The configuration of entity types depends entirely on the previously established by [Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md). -Entity types will impact the import of the managed system's resources, and the way said resources -are displayed in the UI. +Entity types will impact the import of the managed system's resources, and the way said resources are displayed in the UI. ## Participants and Artifacts -For a given managed system, integrators may need the help of the application owner who knows the -purpose of the application. +For a given managed system, integrators may need the help of the application owner who knows the purpose of the application. | Input | Output | | --------------------------------------------------------------------------------------------------------------------------------- | ----------- | -| Connection (required) Refreshed schemas (required) Connector's data [ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) (required) | Entity type | +| Connection (required) Refreshed schemas (required) Connector's data [Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) (required) | Entity type | See the [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md) and -[ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) topics for additional information. +[Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) topics for additional information. ## Create an Entity Type Create an entity type by proceeding as follows: -1. [ Create the Entity Type ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md). -2. [ Define Scalar Properties ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)to be used in the entity type. -3. Choose the [ Select Primary Keys ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) and key properties which will identify - resources. -4. Define [ Define Navigation Properties ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md)if applicable. -5. Customize the [ Set Resources' Display Names ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) for the entity - type's resources. -6. Organize the [ Organize Resources' Datasheets ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) for the entity - type's resources in Identity Manager. +1. [Create the Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md). +2. [Define Scalar Properties](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md)to be used in the entity type. +3. Choose the [Select Primary Keys](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md) and key properties which will identify resources. +4. Define [Define Navigation Properties](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md)if applicable. +5. Customize the [Set Resources' Display Names](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md) for the entity type's resources. +6. Organize the [Organize Resources' Datasheets](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/datasheet-organization/index.md) for the entity type's resources in Identity Manager. -For some connectors, Identity Manager provides a template to automatically create a basic -configuration. See below this note. +For some connectors, Identity Manager provides a template to automatically create a basic configuration. See below this note. > For example, the Active Directory template automatically creates an AD entity type and two > resource types for a standard AD connector. The template is available for a connector with an AD @@ -68,6 +54,4 @@ configuration. See below this note. ## Verify the Entity Type -Changes will take effect once you have launched synchronization. Therefore, in order to verify the -process, follow the verification procedure indicated -to[ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md). +Changes will take effect once you have launched synchronization. Therefore, in order to verify the process, follow the verification procedure indicated to [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md). diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md index 5e10585d7c..55350eb725 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md @@ -6,11 +6,7 @@ sidebar_position: 30 # Select Primary Keys -How to choose its keys and an -[ Entity Type Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md)key -in order to uniquely identify the -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s -resources at different points in a resource's lifecycle. +How to choose its keys and an [Entity Type Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/entitytypemapping/index.md) key in order to uniquely identify the [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s resources at different points in a resource's lifecycle. ## Overview @@ -65,9 +61,7 @@ by one, until a corresponding resource is found. ### Mapping key -The mapping key is also chosen from among scalar properties, and serves to uniquely identify any -resource during the[ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md). It must be unique and -immutable, i.e. must not change during the whole lifecycle of the resource. +The mapping key is also chosen from among scalar properties, and serves to uniquely identify any resource during the [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md). It must be unique and immutable, i.e. must not change during the whole lifecycle of the resource. > A mapping key cannot be based on properties subject to change, such as the display name of any > object, or users' title which could be renamed. @@ -86,16 +80,13 @@ Commonly used mapping keys are: - `sys_id` for ServiceNow - `EmployeeId` for the HR -Since the mapping is able to uniquely identify any resource, NETWRIX recommends that your mapping -key is always part of your key properties. +Since the mapping is able to uniquely identify any resource, NETWRIX recommends that your mapping key is always part of your key properties. ## Select the Entity Type's Keys Create an entity type by proceeding as follows: -1. Start by defining the entity type's scalar properties. See the - [ Define Scalar Properties ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) topic for additional - information. +1. Start by defining the entity type's scalar properties. See the [Define Scalar Properties](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md) topic for additional information. ![Keys](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/entitytypecreation_keys_v522.webp) @@ -118,6 +109,5 @@ You can find the **Reload** button either on the green warning, or on the connec ## Next Steps -After the entity type is created with its scalar properties and keys, you can -[ Define Navigation Properties ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md) and/or -[ Set Resources' Display Names ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md). +After the entity type is created with its scalar properties and keys, you can [Define Navigation Properties](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md) and/or +[Set Resources' Display Names](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/display-name-setting/index.md). diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md index 20047a4d2b..dae3fe401b 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md @@ -68,7 +68,7 @@ If a property doesn’t exist in the source system, you can still create it usin property**. This is useful for storing internal-use data that the connected system can’t read or write. ---- +**---** ## Define the Entity Type's Navigation Properties @@ -126,7 +126,7 @@ Define navigation properties by following these steps: > `Entries`, `assistant`, `assistantOf`, `manager`, `directReports`, `memberOf`, `member`, > `parentdn`, `children` -> ![AD Entity Type - Navigation Properties](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/entitytypecreation_examplead3_v603.webp) +**> ![AD Entity Type - Navigation Properties](/img/product_docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/entitytypecreation_examplead3_v603.webp)** 5. Click the gear icon to access advanced settings: @@ -149,7 +149,7 @@ Define navigation properties by following these steps: Clicking **Continue** closes the window but **does not save** the configuration. ---- +**---** ## Reload @@ -161,7 +161,7 @@ It’s not necessary after every step—but is **required after the final step** The **Reload** button ensures updates appear in the menu links on the UI home page. You’ll find it either in the banner or on the connector dashboard. ---- +**---** ## Next Steps diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md index 2e30c98a1b..27262ebd9a 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/scalar-property-definition/index.md @@ -6,9 +6,7 @@ sidebar_position: 20 # Define Scalar Properties -How to define the simple, or scalar, properties of an -[ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s -resources. +How to define the simple, or scalar, properties of an [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md)'s resources. ## Overview @@ -42,7 +40,7 @@ any property from the AD, but will be recalculated based on the other properties Define the entity type's scalar properties by proceeding as follows: -1. Start by declaring the [ Create the Entity Type ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md). +1. Start by declaring the [Create the Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/entity-type-declaration/index.md). 2. In the entity type's **Properties** section, click on **Map scalar properties** to display existing columns from the external source, and select the properties to be used in the entity type. @@ -69,8 +67,7 @@ Define the entity type's scalar properties by proceeding as follows: - `Format`: format used for the property's display in Identity Manager, for search tools and computation based on said property. Do not keep the default string format if the property is not a string. See the - [ References: Format for the EntityPropertyMapping ](/docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/index.md) - topic for additional information. + [References: Format for the EntityPropertyMapping](/docs/identitymanager/saas/integration-guide/connectors/entitypropertymapping-format/index.md) topic for additional information. > For example, dates, booleans, integers, etc. @@ -111,8 +108,7 @@ Define the entity type's scalar properties by proceeding as follows: - `Icon`: can be chosen from [Microsoft's list](https://uifabricicons.azurewebsites.net/) and will be displayed with the property among users' data. - **Source Expression**: expression that defines the property based on at least one source - object. Can be defined by a property path and/or - [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md). + object. Can be defined by a property path and/or [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md). > For example, `isUnused` is created to spot unused accounts via a combination of > `accountExpires` and `lastLogonTimestamp`: @@ -151,7 +147,7 @@ You can find the **Reload** button either on the green warning, or on the connec ## Next Steps -Before saving, you must first[ Select Primary Keys ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md)for the entity type. +Before saving, you must first [Select Primary Keys](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/key-selection/index.md)for the entity type. ## Troubleshooting diff --git a/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md b/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md index 009d611fe4..26705310df 100644 --- a/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md @@ -6,16 +6,9 @@ sidebar_position: 60 # Connect to a Managed System -How to create a new -[Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) -using the provided SaaS agent. See the -[ Architecture ](/docs/identitymanager/saas/introduction-guide/architecture/index.md) topic for additional -information. +How to create a new [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) using the provided SaaS agent. See the [Architecture](/docs/identitymanager/saas/introduction-guide/architecture/index.md) topic for additional information. -Identity Manager provides demo applications -[Run the Banking Demo Application](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/demoapp-banking/index.md) -and -[Run the HR Demo Application](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/demoapp-hr/index.md) to help set up connectors, test them, and understand Identity Manager's abilities towards external systems. +Identity Manager provides demo applications [Run the Banking Demo Application](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/demoapp-banking/index.md) and [Run the HR Demo Application](/docs/identitymanager/saas/integration-guide/connectors/configuration-details/demoapp-hr/index.md) to help set up connectors, test them, and understand Identity Manager's abilities towards external systems. ## Overview @@ -62,12 +55,9 @@ provisioning. > For example, we can use the data from Identity Manager's Identity repository to fill in later the > AD's fields, such as users' display names based on their first names and last names from the -> repository. See the [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) -> topic for additional information. +> repository. See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. -Identity Manager can also benefit from inbound connectors, that will write data to Identity -Manager's central identity repository. While both inbound and outbound connectors allow data to flow -both ways, they do not work in the same manner. +Identity Manager can also benefit from inbound connectors, that will write data to Identity Manager's central identity repository. While both inbound and outbound connectors allow data to flow both ways, they do not work in the same manner. ### Technical principles @@ -80,17 +70,14 @@ Identity Manager's connectors all operate on the same basic principles. Technica > We create a connector named `AD` (so far, an empty shell). -- a - [ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) +- A [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) is linked to an agent which acts as the go-between for Identity Manager's server and the managed system; > Our `AD` connector uses the provided SaaS agent. -- a - [ Connection ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) - describes the technology used that enables data to flow back and forth between Identity Manager - and the managed system; +- A [Connection](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connection/index.md) + describes the technology used that enables data to flow back and forth between Identity Manager and the managed system; > We want to use a connection `Directory/Active Directory` to perform synchronization and > automated provisioning, and a second connection `Ticket/identitymanager` to perform manual @@ -100,18 +87,14 @@ Identity Manager's connectors all operate on the same basic principles. Technica and generic connections to communicate with any application (CSV, Powershell, RobotFramework, SQL, etc.). -- the shape of the extracted managed system's data is modeled by - [ Entity Type ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) - (we will use the term resource to refer to an entity type that has been instantiated); +- the shape of the extracted managed system's data is modeled by [Entity Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/metadata/entitytype/index.md) (we will use the term resource to refer to an entity type that has been instantiated); > We create a single entity type `AD - Entry` which contains all the attributes that will > describe its resources, i.e. AD groups and users. The attributes include the department, the > employee identifier, the manager, the group membership (`member`/`memberOf`), the dn, the > parent dn, etc. -- the intent of resources within the managed system is made clear by categorizing resources into - [ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md). See the - [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. +- The intent of resources within the managed system is made clear by categorizing resources into [Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md). See the [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. > We categorize AD resources into distinct resource types: `AD User (nominative)` for basic > accounts, which we want Identity Manager to provision automatically; @@ -138,10 +121,7 @@ functional and technical details of the application. | ----------------------------------------------------------------------------------------------------------------------- | -------------------------- | | Administrator account for the Development Environment (required) Identity repository (required) User Profile (required) | Connector Connected System | -See the [Install the Development Environment](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md) -[ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md), and -[Configure a User Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topics for additional -information. +See the [Install the Development Environment](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md), [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md), and [Configure a User Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topics for additional information. ## Create a Target Connector @@ -149,10 +129,8 @@ For one managed system, create a connector by proceeding as follows: 1. Outside Identity Manager, [Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md). 2. [Create the Connector](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md) for said managed system. -3. Enable the technical transfer of data by creating and configuring - [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md). -4. Set up [Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md) to represent the data model decided - upon in step 1. +3. Enable the technical transfer of data by creating and configuring [Create a Connection](/docs/identitymanager/saas/user-guide/set-up/connect-system/connection-creation/index.md). +4. Set up [Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md) to represent the data model decided upon in step 1. **Connector modification:** The process for modifying a connector is not so different from the process for creating a connector, as you mainly modify the fields specified during creation. @@ -165,5 +143,4 @@ You can activate the connector again at any time using the same button. ## Next Steps -Once the connector has been created, you can start -to[ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md). +Once the connector has been created, you can start to [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md). diff --git a/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md b/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md index a158a1e51a..bb5a5cddb5 100644 --- a/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md @@ -8,22 +8,17 @@ sidebar_position: 10 How to connect to Identity Manager's SaaS environment to set up the development environment. -When using Identity Manager's on-premise option, follow the procedure of installation of the -bootstrap version. See the [ Quick Start Guide](/docs/identitymanager/saas/installation-guide/quick-start/index.md) -topic or additional information. +When using Identity Manager's on-premise option, follow the procedure of installation of the bootstrap version. See the [Quick Start Guide](/docs/identitymanager/saas/installation-guide/quick-start/index.md) topic or additional information. ## Overview -The installation of Identity Manager's production environment usually takes time, while we want to -start configuring at once. +The installation of Identity Manager's production environment usually takes time, while we want to start configuring at once. -This is why Identity Manager offers a bootstrap version of the application, useful as a development -environment. +This is why Identity Manager offers a bootstrap version of the application, useful as a development environment. ## Participants and Artifacts -Integrators must be in contact with Netwrix Identity Manager (formerly Usercube) to be able to get -infos about the SaaS tenant URL and authentication. +Integrators must be in contact with Netwrix Identity Manager (formerly Usercube) to be able to get infos about the SaaS tenant URL and authentication. | Input | Output | | ----- | ----------------------- | @@ -35,10 +30,8 @@ The documentation is not yet available for this part and will be completed in th ## Verify Environment Installation -In order to verify the process, try to authenticate to Identity Manager server, and access the -configuration screens. +In order to verify the process, try to authenticate to Identity Manager server, and access the configuration screens. ## Next Steps -Once the development environment is ready, integrators can start to -[ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md). +Once the development environment is ready, integrators can start to [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md). diff --git a/docs/identitymanager/saas/user-guide/set-up/index.md b/docs/identitymanager/saas/user-guide/set-up/index.md index 01a6cf7881..a138fbca33 100644 --- a/docs/identitymanager/saas/user-guide/set-up/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/index.md @@ -6,16 +6,16 @@ sidebar_position: 20 # Set Up -- [ Install the Development Environment ](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md) +- [Install the Development Environment](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md) How to connect to Identity Manager's SaaS environment to set up the development environment. -- [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) +- [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) How to initiate the repository for workforce identities by loading identities into Identity Manager with the right attributes. -- [ Configure Unique Property Generation ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md) +- [Configure Unique Property Generation](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md) How to configure Identity Manager to generate unique identifiers, mails and logins for any user who does not have them already. @@ -29,29 +29,29 @@ sidebar_position: 20 Description of the MS Excel template for the creation of the identities repository. -- [ Adjust the Workforce Data Model ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md) +- [Adjust the Workforce Data Model](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md) How to select the properties to be part of the data model for the workforce repository (therefore displayed in the UI), and choose their optimal displaying mode. -- [ Configure a User Profile ](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) +- [Configure a User Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) How to tweak the permissions for actions within Identity Manager, for a standard set of basic Identity Manager profiles. -- [ Configure Onboarding Workflows ](/docs/identitymanager/saas/user-guide/set-up/configure-workflows/index.md) +- [Configure Onboarding Workflows](/docs/identitymanager/saas/user-guide/set-up/configure-workflows/index.md) How to adjust the parameters of onboarding workflows. -- [ Connect to a Managed System ](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) +- [Connect to a Managed System](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) How to create a new connector using the provided SaaS agent. -- [ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) +- [Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) How to choose the appropriate model for a connector's data. -- [ Create the Connector ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md) +- [Create the Connector](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-declaration/index.md) How to create the technical container of a connector. @@ -63,37 +63,37 @@ sidebar_position: 20 How to create an entity type that corresponds to the connector model. -- [ Synchronize Data ](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) +- [Synchronize Data](/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md) How to launch data synchronization, i.e. read managed systems' data and load it into Identity Manager. -- [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) +- [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) How to correlate managed systems' resources with identities, classifying resources into resource types. -- [ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) +- [Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) How to create the container for future correlation and classification rules inside a given managed system. -- [ Correlate Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md) +- [Correlate Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/correlation/index.md) How to define correlation rules to match up resources across systems, usually accounts with their owner. -- [ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) +- [Classify Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) How to define classification rules in order to classify remaining uncorrelated resources, assigning them resource types. -- [ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) +- [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) How to define scalar rules, navigation rules and/or query rules to compute and provision target resources values from source resources values. -- [ Create Resources ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md) +- [Create Resources](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md) How to define resource type rules to create new (target) resources for given users, computing and provisioning their properties based on source resources. @@ -103,22 +103,22 @@ sidebar_position: 20 How to define scalar rules to compute and provision the values of scalar properties for target resources based on source resources. -- [ Compute a Navigation Property ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) +- [Compute a Navigation Property](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md) How to define navigation rules and/or query rules to compute and provision the values of navigation properties for target resources based on source resources. -- [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) +- [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) How to define single roles to model entitlements, and organize them inside the role catalog, basis of the role model. -- [ Create Roles in Bulk ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) +- [Create Roles in Bulk](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) How to create role naming rules, which create single roles using existing naming conventions from the managed system. -- [ Create a Category ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) +- [Create a Category](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) How to structure roles into categories. @@ -130,6 +130,6 @@ sidebar_position: 20 How to assign Identity Manager's access permissions to users through profiles. -- [ Manage Role Officers ](/docs/identitymanager/saas/user-guide/set-up/role-officer-management/index.md) +- [Manage Role Officers](/docs/identitymanager/saas/user-guide/set-up/role-officer-management/index.md) How to manage role officers in order to ensure the approval for entitlement assignments. diff --git a/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md b/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md index ba1eaba381..6bbf77fb65 100644 --- a/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md @@ -38,7 +38,7 @@ Integrators may need the help of the HR department who know the organization. | ------------------------------------------------------------------------ | ----------------------------- | | IdentityManagerServer (required) Initial workforce repository (required) | Adjusted workforce repository | -See the [ Install the Development Environment ](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md) +See the [Install the Development Environment](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md) and [Load Identities to Identity Manager](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/load-identities/index.md) topics for additional information. @@ -79,7 +79,7 @@ Adjust the data model by proceeding as follows: For example the contract's start date is necessary for Identity Manager's workflows. Modifications can be performed later, decisions can be reconsidered. See the - [ Modify the Identity Data Model ](/docs/identitymanager/saas/user-guide/optimize/identity-datamodel-modification/index.md) + [Modify the Identity Data Model](/docs/identitymanager/saas/user-guide/optimize/identity-datamodel-modification/index.md) topic for additional information. 4. Click on the Save icon at the top. diff --git a/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md b/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md index 05e61d2036..084c7526ca 100644 --- a/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md @@ -39,7 +39,7 @@ organization to compute these unique properties. | -------------------------------- | -------------------------------------- | | IdentityManagerServer (required) | Generation rules for unique properties | -See the [ Install the Development Environment ](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md) +See the [Install the Development Environment](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md) topic for additional information. ## Configure Unique Property Generation diff --git a/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md b/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md index 02bfb13afb..fc3b673963 100644 --- a/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md @@ -15,7 +15,7 @@ Loading the digital identities into Identity Manager is the very first task you The identity repository is supposed to contain the list of all kinds of identities in the company. Each identity will be represented by a set of properties that are to be used in the calculations for entitlement assignments. -> For example, a user can be represented by an identifier and linked to their position which +> For example, a user can be represented by an identifier and linked to their position which > includes the user's employee id, last name and first name, email, user type, organization, etc. > > ![Identity Repository Example](/img/product_docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/identityrepository-example.webp) @@ -26,8 +26,7 @@ Each identity will be represented by a set of properties that are to be used in > > ![Identity Example](/img/product_docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/identityrepository-person_v602.webp) -See the -[ Identity Repository ](/docs/identitymanager/saas/integration-guide/identity-management/identity-repository/index.md) +See the [Identity Repository](/docs/identitymanager/saas/integration-guide/identity-management/identity-repository/index.md) topic for additional information. The initial workforce repository is going to be the first version of a comprehensive repository @@ -83,30 +82,27 @@ While it seems to be a good idea, it poses a few problems. Among them: early enough to be really useful. Hence, in order to rather focus on awaited IGA activities, we choose to build the first iteration of -the project upon a manual data upload to create the initial workforce repository. . +the project upon a manual data upload to create the initial workforce repository. ## Participants and Artifacts -Integrators may need the help of the HR department and its assistants who know the organization in order to get the identity and organizational data. After the initial loading, the HR department can -review the data to confirm its accuracy. +Integrators may need the help of the HR department and its assistants who know the organization in order to get the identity and organizational data. After the initial loading, the HR department can review the data to confirm its accuracy. -| Input | Output | -| ---------------------------------------------------------------------------------------------------------------------- | ---------------------------- | -| IdentityManagerServer (required) Organizational chart (required) HR data (required) Third-party staff data (optional) | Initial workforce repository | +| Input | Output | +|--------------------------------------|----------------------------------------------------| +| IdentityManagerServer (required) | Initial workforce repository | +| Organizational chart (required) | | +| Third-party staff data (optional) | | ## Create the Workforce Repository Create the workforce repository by proceeding as follows: -1. [Configure Unique Property Generation](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md) for all users, - pre-existing and new, who do not have them yet. -2. [Load Identities to Identity Manager](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/load-identities/index.md) to Identity Manager based on the - recommended attributes from the provided organizational model +1. [Configure Unique Property Generation](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/generate-unique-properties/index.md) for all users, pre-existing and new, who do not have them yet. +2. [Load Identities to Identity Manager](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/load-identities/index.md) to Identity Manager based on the recommended attributes from the provided organizational model [Template Description](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/template-description/index.md). -3. [Adjust the Workforce Data Model](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md) following Identity Manager's - suggestions. -4. Continue with the next steps of this guide, and come back later to fill the organizational model - with additional data. +3. [Adjust the Workforce Data Model](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/adjust-datamodel/index.md) following Identity Manager's suggestions. +4. Continue with the next steps of this guide, and come back later to fill the organizational model with additional data. ## Next Steps diff --git a/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/load-identities/index.md b/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/load-identities/index.md index ba38d733b2..9b929277b1 100644 --- a/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/load-identities/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/load-identities/index.md @@ -53,12 +53,13 @@ Integrators may need the help of the HR department who knows the organization in identity and organizational data. After the initial loading, the HR department can review the data to confirm its accuracy. -| Input | Output | -| ------------------------------------------------------------------------------------- | ---------------------------- | -| IdentityManagerServer (required) HR data (required) Third-party staff data (optional) | Initial workforce repository | +| Input | Output | +| ----------------------------------------- | ---------------------------- | +| IdentityManagerServer (required) | Initial workforce repository | +HR data (required) | | +Third-party staff data (optional) | | -See the [Install the Development Environment](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md) -topic for additional information +See the [Install the Development Environment](/docs/identitymanager/saas/user-guide/set-up/development-environment-installation/index.md) topic for additional information. ## Load Identities @@ -82,9 +83,7 @@ Load identities for the first time by proceeding as follows: Workforce should include obviously all current workers, but also incoming workers, and those who left the organization in the past XXX (time period defined by the rules of the security officer). It is interesting to have past workers in order to understand the process and ensure - that they are supposed to be orphaned. See the - [Review Orphaned and Unused Accounts](/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md) - topic for additional information. + that they are supposed to be orphaned. See the [Review Orphaned and Unused Accounts](/docs/identitymanager/saas/user-guide/administrate/orphan-unused-account-review/index.md) topic for additional information. **Employees** @@ -106,8 +105,7 @@ Load identities for the first time by proceeding as follows: 4. Fill said template with the data you collected. The Excel file contains several tabs which organize data, but not all tabs and columns are - mandatory. You can find **more details about the - [Template Description](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/template-description/index.md)**. Below are the minimum recommended + mandatory. You can find **more details about the [Template Description](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/template-description/index.md)**. Below are the minimum recommended attributes (mandatory in orange): ![Template Recommendations](/img/product_docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/load-identities/initialload_templatereco_v600.webp) @@ -140,8 +138,7 @@ Load identities for the first time by proceeding as follows: 1. Upload the `Directory.xlsx` file with only recommended data, validate and synchronize as explained on this page. - 2. Connect the AD, synchronize AD data, update correlation and classification. See the - [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. + 2. Connect the AD, synchronize AD data, update correlation and classification. See the [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. 3. Follow the usual query procedure to request phone numbers from the AD. 4. Ensure you display a key (for example `EmployeeId` or `email`) to master the order of the displayed data. diff --git a/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/template-description/index.md b/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/template-description/index.md index d4f95514e2..0d6d90f448 100644 --- a/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/template-description/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/template-description/index.md @@ -46,9 +46,9 @@ contracts, mutation, etc. Thus, the `UserRecord` tab usually holds users' information that might change over time, while the `User` tab groups all records of a given user around its identifier. -| Attribute | Type | Description | +| Attribute | Type |Description | | ---------------------------------------------------------------------------------------- | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| RecordIdentifier (recommended) | String | Identifier of the Records. See the[ Position Change via Records ](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md). **Note:** it can be the same as `PositionIdentifier` when users can have no more than one contract simultaneously. **Note:** required when using records. | +| RecordIdentifier (recommended) | String | Identifier of the Records. See the[Position Change via Records](/docs/identitymanager/saas/integration-guide/identity-management/joiners-movers-leavers/position-change/index.md). **Note:** it can be the same as `PositionIdentifier` when users can have no more than one contract simultaneously. **Note:** required when using records. | | User (required) | ForeignKey | `Identifier` from the `User` tab. | | EmployeeId (recommended) | String | | | Gender (optional) | ForeignKey | `Identifier` from the `Gender` tab. | @@ -86,8 +86,6 @@ Thus, the `UserRecord` tab usually holds users' information that might change ov | StartDate (optional) | DateTime | Start date of the record, used for changes that aren't related to contract and position information, for example a scheduled name change. | | EndDate (optional) | DateTime | End date of the record, used for changes that aren't related to contract and position information, for example a scheduled name change. | -See the Template Description topic for additional information. - Recommendations: - There is no absolute need for a unique identifier, because Identity Manager can compute one in the diff --git a/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md b/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md index 20cd3dbd32..f5ea8e1b64 100644 --- a/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md @@ -7,22 +7,16 @@ sidebar_position: 90 # Create a Provisioning Rule How to define scalar rules, navigation rules and/or query rules to compute and provision target -resources values from source resources values. See the -[Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) -topic for additional information. +resources values from source resources values. See the [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. ## Overview -[ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) led to the grouping of resources into resource -types (classification), and the establishment of source-to-target relationships between these -resources (correlation). +[Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) led to the grouping of resources into resource types (classification), and the establishment of source-to-target relationships between these resources (correlation). Sources are usually identities, and targets are usually accounts from the managed systems. Here, we are going to compute the values of scalar and navigation properties for the target -resources used in entitlement management, based on source resources. We are going to -[Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) these properties, i.e. write them to the -managed system. +resources used in entitlement management, based on source resources. We are going to [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) these properties, i.e. write them to the managed system. The right tools for the job are provisioning rules: scalar rules, navigation rules, query rules. @@ -36,10 +30,7 @@ Another kind of provisioning rule is called resource type rule. Instead of compu properties, resource type rules create automatically target resources to be owned by given source resources (identities). -In testing mode, the impacted resource types can be configured to block provisioning, by adding a -mandatory review before actually writing to the managed system. See the -[ Create a Resource Type ](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional -information. +In testing mode, the impacted resource types can be configured to block provisioning, by adding a mandatory review before actually writing to the managed system. See the [Create a Resource Type](/docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/index.md) topic for additional information. ## Participants and Artifacts @@ -50,19 +41,16 @@ application users, entitlements and data model. | ------------------------- | ----------------------------------------- | | Categorization (required) | Scalar rules Navigation rules Query rules | -See the [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. +See the [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. ## Create Provisioning Rules -- [ Create Resources ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md)type rules to automatically create resources. +- [Create Resources](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md)type rules to automatically create resources. - [Compute a Scalar Property](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md) to compute scalar properties; - Create navigation and/or query rules to compute navigation properties. -Netwrix Identity Manager (formerly Usercube) recommends creating/modifying/deleting provisioning -rules using simulations in order to anticipate changes. See the -[ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. +Netwrix Identity Manager (formerly Usercube) recommends creating/modifying/deleting provisioning rules using simulations in order to anticipate changes. See the [Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. ## Next Steps -Once provisioning rules are created, integrators can start -to[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md). +Once provisioning rules are created, integrators can start to [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md). diff --git a/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md b/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md index 6c29142f99..6efb4f9028 100644 --- a/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md @@ -17,7 +17,7 @@ Sources are usually identities, and targets are usually accounts from the manage Here, we are going to compute the values of navigation properties for the target resources used in entitlement management, based on source resources. See -the[ Define Navigation Properties ](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md) +the[Define Navigation Properties](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/navigation-property-definition/index.md) topic for additional information. We are going to provision these properties, i.e. write them to the managed system. See the [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) topic for additional information. @@ -67,16 +67,16 @@ entity type itself). Let's call this entity type the "other" one. The application of a navigation rule can depend on the assignment of a single role, and/or user dimensions. See -the[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for +the[Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information on the assignment of a single role and -[ Conforming Assignments ](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md) +[Conforming Assignments](/docs/identitymanager/saas/integration-guide/role-assignment/conformingassignmentcomputation/index.md) topic for additional information on dimensions. A query rule does not use criteria as it is designed to compute a given navigation property for all existing resources in a given resource type. However, in case of several query rules on a same property, the application of a query rule depends on its confidence rate and the corresponding priority it receives compared to other query rules. See the -[ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) topic for additional +[Classify Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) topic for additional information. While both navigation and query rules compute navigation properties, the value of one navigation @@ -102,14 +102,17 @@ accounts. A navigation rule will trigger the creation of a target resource for all impacted source resources (so all users), which are not yet correlated with a resource of this resource type. -**NOTE:** A query rule does not create resources, and only computes the navigation properties of +:::note +A query rule does not create resources, and only computes the navigation properties of existing resources. +::: + ## Guidelines Follow these guidelines when configuring navigation properties. -Expression code must not contain too much data +**Expression code must not contain too much data** Once configured, a rule is a complicated object to modify. Therefore, you must keep business data in the resource and out of the expression. It is easier to change data than to change a rule. @@ -127,7 +130,7 @@ the resource and out of the expression. It is easier to change data than to chan > expression remains simple by using the new objects, for example > `Email = FirstName + "." + LastName + "@" + Company + "." + DomainName`. -Priority between navigation/query rules +**Priority between navigation/query rules** When creating navigation and query priorities, follow these rules: @@ -141,7 +144,7 @@ When creating navigation and query priorities, follow these rules: For a given managed system, integrators may need the help of the application owner who knows the application users, entitlements and data model. See the -[ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. +[Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. | Input | Output | | ------------------------- | ---------------------------- | @@ -229,7 +232,7 @@ Once the `Resource Type` is provided, more fields appear. example, account activation and deactivation can be managed according to the start and/or end dates. - `Confidence Rate`: rate expressing the confidence in this link, and its priority order. See - the[ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) topic for additional + the[Classify Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) topic for additional information. > Our examples would look like: @@ -260,7 +263,7 @@ system. Simulations are available in order to anticipate the changes induced by a creation/modification/deletion in navigation and query rules. See the -[ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. +[Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. ## Verify Rule Creation @@ -283,7 +286,7 @@ the **Role Reconciliation** screen) to help check query rules: if there are nume be reconciled following the same pattern, then there may be a rule that needs to be changed. See -the[ Review an Unauthorized Account ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md) +the[Review an Unauthorized Account](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/unauthorized-account-review/index.md) and -the[ Reconcile a Role ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) +the[Reconcile a Role](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/role-reconciliation/index.md) topics for additional information. diff --git a/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md b/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md index c0d2703630..a85b9f3b41 100644 --- a/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/index.md @@ -6,18 +6,13 @@ sidebar_position: 10 # Create Resources -How to define -[Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) -rules to create new (target) resources for given users, computing and provisioning their properties -based on source resources. +How to define [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) rules to create new (target) resources for given users, computing and provisioning their properties based on source resources. ## Overview Sources are usually identities, and targets are usually accounts from the managed systems. -Here, we are going to create target resources and assign them to given users. We are going to -[Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) these resources, i.e. write them to the -managed system. +Here, we are going to create target resources and assign them to given users. We are going to [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md) these resources, i.e. write them to the managed system. The right tools for the job are resource type rules. @@ -36,7 +31,7 @@ application users, entitlements and data model. | ------------------------- | ------------------- | | Categorization (required) | Resource type rules | -See the [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. +See the [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. ## Create a Resource Type Rule @@ -120,7 +115,5 @@ Then, you can: ![View Permissions Tab](/img/product_docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/resource-creation/viewpermissions_v602.webp) - If the type rule uses a single role as a criterion, and the user has said role, then both the - resource type and the role will be displayed in the user's permissions, but only if the role is - related to a [ Compute a Navigation Property ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md). + If the type rule uses a single role as a criterion, and the user has said role, then both the resource type and the role will be displayed in the user's permissions, but only if the role is related to a [Compute a Navigation Property](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/navigation-property-computation/index.md). Otherwise, only the resource type will be visible. diff --git a/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md b/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md index d8e9885451..60e16edc11 100644 --- a/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/index.md @@ -6,20 +6,13 @@ sidebar_position: 20 # Compute a Scalar Property -How to define scalar rules to compute and provision the values of scalar properties for target -resources based on source resources. See the -[Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic -for additional information. +How to define scalar rules to compute and provision the values of scalar properties for target resources based on source resources. See the [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. ## Overview Sources are usually identities, and targets are usually accounts from the managed systems. -Here, we are going to compute the values of scalar properties for the target resources used in -entitlement management, based on source resources. See the -[Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md) topic for additional -information. We are going to provision these properties, i.e. write them to the managed system. See -the [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md)topic for additional information. +Here, we are going to compute the values of scalar properties for the target resources used in entitlement management, based on source resources. See the [Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md) topic for additional information. We are going to provision these properties, i.e. write them to the managed system. See the [Provision](/docs/identitymanager/saas/user-guide/administrate/provisioning/index.md)topic for additional information. The right tools for the job are scalar rules. @@ -28,14 +21,11 @@ from the source entity type, possibly writing a C# expression. ![Schema - Scalar Rule](/img/product_docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/scalar-property-computation/provrules_schemascalar.webp) -A scalar rule could define the scalar property displayName of nominative AD accounts based on its -owner's name with the expression: +A scalar rule could define the scalar property displayName of nominative AD accounts based on its owner's name with the expression: return person.LastName + " " + person.FirstName; -The application of a scalar rule can depend on the assignment of a single role. See the -[ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for -additional information. +The application of a scalar rule can depend on the assignment of a single role. See the [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. Sometimes we create in Identity Manager properties which are not directly linked to any real property in the managed system. A scalar rule on this kind of property will not find a property to @@ -60,7 +50,7 @@ properties of existing resources. ## Guidelines -Expression code must not contain too much data +**Expression code must not contain too much data** Once configured, a rule is a complicated object to modify. Therefore, you must keep business data in the resource and out of the expression. It is easier to change data than to change a rule. @@ -78,7 +68,7 @@ then a new field is added in the data model for Site and Domain Name. Thus, the remains simple by using the new objects, for example `Email = FirstName + "." + LastName + "@" + Company + "." + DomainName`. -Priority between scalar rules +**Priority between scalar rules** A scalar rule with a role as a criterion has a higher priority than a rule without a role criterion. @@ -104,7 +94,7 @@ application users, entitlements and data model. | ------------------------- | ------------ | | Categorization (required) | Scalar rules | -See the [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. +See the [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. ## Create a Scalar Rule @@ -188,9 +178,7 @@ A modification in a provisioning rule can trigger the removal of a resource only Manager side. There are several barriers to cross before said resource is removed from the managed system. -Simulations are available in order to anticipate the changes induced by a -creation/modification/deletion in scalar rules. See the -[ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. +Simulations are available in order to anticipate the changes induced by a creation/modification/deletion in scalar rules. See the [Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) topic for additional information. ## Verify Rule Creation @@ -198,13 +186,9 @@ In order to verify the process: ![Resource Type Jobs](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/classification/synchro_resourcetype_v602.webp) -**Step 1 –** On the corresponding connector's overview page, in the **Resource Types** frame click -on **Jobs** > **Compute Role Model** to apply all rules. +**Step 1 –** On the corresponding connector's overview page, in the **Resource Types** frame click on **Jobs** > **Compute Role Model** to apply all rules. **Step 2 –** Review unreconciled properties on the **Resource Reconciliation** screen to help check -scalar rules: if there are numerous properties to be reconciled following the same pattern, then -there may be a rule that needs to be changed. See the -[ Reconcile a Property ](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) -topic for additional information. +scalar rules: if there are numerous properties to be reconciled following the same pattern, then there may be a rule that needs to be changed. See the [Reconcile a Property](/docs/identitymanager/saas/user-guide/administrate/non-conforming-assignment-review/property-reconciliation/index.md) topic for additional information. Once the steps completed the process is verified. diff --git a/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md b/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md index 17f1529895..3370819d6c 100644 --- a/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md @@ -7,7 +7,7 @@ sidebar_position: 20 # Create a Category How to structure roles into categories. See the -[ Category ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) +[Category](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) topic for additional information. ## Overview @@ -37,7 +37,7 @@ application's users, entitlements and data model. | ----------------------- | ---------- | | Role Catalog (optional) | Categories | -See the [ Create Roles in the Role Catalog ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. +See the [Create Roles in the Role Catalog](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md) topic for additional information. ## Create a Category diff --git a/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md b/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md index 147a59eb49..6b1ea44b41 100644 --- a/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/index.md @@ -6,11 +6,7 @@ sidebar_position: 100 # Create Roles in the Role Catalog -How to define -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) -to model entitlements, and organize them in the role catalog, basis of the role model. See the -[ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) -topic for additional information. +How to define [Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) to model entitlements, and organize them in the role catalog, basis of the role model. See the [Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. The creation of the role catalog is a time-consuming part, with an important workload concerning the description of the internal processes for all applications. Actors here need to really understand @@ -18,10 +14,7 @@ the useful permissions within managed applications. ## Overview -The aim here is to establish and create the exhaustive list of -[ Role Model ](/docs/identitymanager/saas/integration-guide/role-model/index.md) needed by the organization. Roles are -a way to represent entitlements which are assigned to identities, so that said identities are able -to work with the managed systems. +The aim here is to establish and create the exhaustive list of [Role Models](/docs/identitymanager/saas/integration-guide/role-model/index.md) needed by the organization. Roles are a way to represent entitlements which are assigned to identities, so that said identities are able to work with the managed systems. ![Schema - Single Role](/img/product_docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/singlerolescatalog_schemarole.webp) @@ -41,9 +34,7 @@ connector modeling. Identity Manager's roles are all built the same way. Technically speaking: -- a role is part of a policy which is a subgroup of the role model. See the - [ Entitlement Management ](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) - topic for additional information. +- a role is part of a policy which is a subgroup of the role model. See the [Entitlement Management](/docs/identitymanager/saas/introduction-guide/overview/entitlement-management/index.md) topic for additional information. > Let's take the example of the unlimited Internet access, part of the default policy. @@ -59,11 +50,8 @@ Identity Manager's roles are all built the same way. Technically speaking: NETWRIX recommends creating one category per application, as this method often fulfills both requirements. - Then single roles can be grouped together through - [ Composite Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) - for applicative purposes, allowing users to be assigned several entitlements simultaneously. - Leave composite roles for later, when the system runs as is and would benefit from an additional - layer in the role model. + Then single roles can be grouped together through [Composite Roles](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/compositerole/index.md) for applicative purposes, allowing users to be assigned several entitlements simultaneously. + Leave composite roles for later, when the system runs as is and would benefit from an additional layer in the role model. > This role is part of the previously created `Internet` category. @@ -77,8 +65,7 @@ Identity Manager's roles are all built the same way. Technically speaking: - to be effective, roles must be linked to actual entitlements in the managed systems. Technically speaking, this means that for each entitlement that you want to assign through a given role, you must create a navigation rule to build said link. A navigation rule is specific to one resource - type. See the [ Categorize Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional - information. + type. See the [Categorize Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/index.md) topic for additional information. ![Schema - Single Role with Navigation Rule](/img/product_docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/singlerolescatalog_schemarolerule.webp) @@ -104,18 +91,15 @@ Identity Manager's roles are all built the same way. Technically speaking: Functionally speaking, the main benefit of roles is to give entitlements user-friendly names, easily understandable by managers. And to be understandable, roles must be structured. -The strategy for role creation and structuring varies according to the -[ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) established for a given system. -Here, we will take as example the common use-case that organizes and categorizes roles by -application. Then, the strategy varies whether the system hosts a single application (like SAB or -SAP) or several (like the AD or LDAP). +The strategy for role creation and structuring varies according to the [Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) established for a given system. +Here, we will take as example the common use-case that organizes and categorizes roles by application. Then, the strategy varies whether the system hosts a single application (like SAB or SAP) or several (like the AD or LDAP). In any case, role creation and maintenance are made easier by entitlements' naming conventions. Thus, no matter the kind of system that you are working with, if the system uses no naming conventions, then you should start by creating some. They will be the basis for role structure in Identity Manager, and will really simplify role creation. -One system for one application +**One system for one application** A common and intuitive case is when a system is simply one application. Then, integrators can create one role per entitlement in said application, and one category for the application. @@ -181,8 +165,7 @@ single roles, which makes role creation a long, tedious and repetitive process. Roles can also be created bottom-up via role naming rules. Instead of the previous process, you can use the name of said entitlement in your managed system to create automatically the corresponding single role and rule (and category if it does not already exist). In other words, Identity Manager's -naming rules are to be based on your existing naming conventions for entitlements. See the -[ Create Roles in Bulk ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) topic for additional information. +naming rules are to be based on your existing naming conventions for entitlements. See the [Create Roles in Bulk](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) topic for additional information. ![Schema - Role Creation Top-Down](/img/product_docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/singlerolescatalog_schemabottomup.webp) @@ -202,28 +185,24 @@ application's users, entitlements and data model. | Input | Output | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------- | -| Connector's data [ Model the Data ](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) (required) [ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) (required) [ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) (required) | Single role catalog | +| Connector's data [Model the Data](/docs/identitymanager/saas/user-guide/set-up/connect-system/connector-modeling/index.md) (required) [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) (required) [Classify Resources](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) (required) | Single role catalog | ## Create the Single Role Catalog Create the single role catalog by proceeding as follows: -1. Create as many single roles as possible (with their navigation rules and categories) via the - [ Create Roles in Bulk ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) naming rules. -2. Complete the role catalog if needed by creating manually additional - [ Create a Category ](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) and single roles with their navigation rules. -3. Add [Create a Composite Role](/docs/identitymanager/saas/user-guide/optimize/composite-role-creation/index.md) to the single role - catalog only if the project is mature enough. Composite roles are more complex than single roles +1. Create as many single roles as possible (with their navigation rules and categories) via the [Create Roles in Bulk](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md) naming rules. +2. Complete the role catalog if needed by creating manually additional [Create a Category](/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/category-creation/index.md) and single roles with their navigation rules. +3. Add [Create a Composite Role](/docs/identitymanager/saas/user-guide/optimize/composite-role-creation/index.md) to the single role catalog only if the project is mature enough. Composite roles are more complex than single roles and they are not mandatory. ## Impact of Modifications -[ Perform a Simulation ](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) are available in order to anticipate +[Perform a Simulation](/docs/identitymanager/saas/user-guide/optimize/simulation/index.md) are available in order to anticipate the changes induced by a creation/modification/deletion in roles and navigation rules. ## Next Steps Once the role catalog is established, integrators can start role officer management. -The role catalog is also a prerequisite for -[ Manage Risks ](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md)management. +The role catalog is also a prerequisite for [Manage Risks](/docs/identitymanager/saas/user-guide/optimize/risk-management/index.md) management. diff --git a/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-manual-creation/index.md b/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-manual-creation/index.md index 5c4e3b34dd..820c88b78d 100644 --- a/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-manual-creation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-manual-creation/index.md @@ -10,25 +10,15 @@ How to create single roles manually. ## Overview -A single role is a way to represent an entitlement that is to be assigned to an identity. It brings -a layer of abstraction through a user-friendly name, close to the business view. See the -[ Single Role ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) -topic for additional information. - -To be effective, roles must be linked to actual entitlements in the managed systems. Within Identity -Manager, an entitlement assigned to an identity is in fact represented by the value of a given -navigation property, in a resource owned by said identity. See the -[Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md)topic for additional -information. Thus, each role is linked to one navigation rule per entitlement. See the -[Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) -topic for additional information. - -**NOTE:** For example, imagine that we want to grant unlimited Internet access to the administrator -profile of an identity. This entitlement won't be assigned directly to the identity but to its AD -administration account. In our Active Directory, there is a resource called -`` identified from among AD entries as a group. So we need to add this group -membership to the properties of the identity's AD account, using `` as a -value of the **memberOf** property. +A single role is a way to represent an entitlement that is to be assigned to an identity. It brings a layer of abstraction through a user-friendly name, close to the business view. See the [Single Role](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/singlerole/index.md) topic for additional information. + +To be effective, roles must be linked to actual entitlements in the managed systems. Within Identity Manager, an entitlement assigned to an identity is in fact represented by the value of a given navigation property, in a resource owned by said identity. See the [Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md)topic for additional information. Thus, each role is linked to one navigation rule per entitlement. See the +[Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. + +:::note +For example, imagine that we want to grant unlimited Internet access to the administrator profile of an identity. This entitlement won't be assigned directly to the identity but to its AD administration account. In our Active Directory, there is a resource called `` identified from among AD entries as a group. So we need to add this group membership to the properties of the identity's AD account, using `` as a value of the **memberOf** property. +::: + ## Participants and Artifacts @@ -37,10 +27,7 @@ application's users, entitlements and data model. | Input | Output | | ------------------------- | ------------ | -| Classification (required) | Single roles | - -See the[ Classify Resources ](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) topic for additional -information. +| [Classification](/docs/identitymanager/saas/user-guide/set-up/categorization/classification/index.md) (required) | Single roles | ## Create a Single Role @@ -48,13 +35,11 @@ Create a single role by proceeding as follows: ![Home Page - Access Roles](/img/product_docs/identitymanager/saas/user-guide/set-up/categorization/resource-type-creation/home_roles_v602.webp) -**Step 1 –** On the home page in the **Configuration** section, click on **Access Roles** to access -the roles page. +**Step 1 –** On the home page in the **Configuration** section, click on **Access Roles** to access the roles page. ![createsinglerole](/img/product_docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-manual-creation/createsinglerole.webp) -**Step 2 –** On the roles page, click on the adequate category and create a role by clicking on **+ -New** at the top right corner. +**Step 2 –** On the roles page, click on the adequate category and create a role by clicking on **+New** at the top right corner. **Step 3 –** Fill in the fields. @@ -64,12 +49,14 @@ New** at the top right corner. - Entity Type: Entity type targeted by the role. - Description: Description of the role. - Tags: Label(s) that can later be used to filter the target roles of access certification - campaigns. See the - [ Schedule a Certification Campaign ](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) + campaigns. See the [Schedule a Certification Campaign](/docs/identitymanager/saas/user-guide/administrate/access-certification/certification-campaign-scheduling/index.md) topic for additional information. - **NOTE:** Netwrix recommends using role tags when you want to perform an access certification on + :::note + Netwrix recommends using role tags when you want to perform an access certification on a set of roles that are from several categories. + ::: + - Category: Category which is to contain the created role. - Secondary Categories: Other potential categories which are to contain the created role. @@ -90,17 +77,15 @@ New** at the top right corner. - Approve Role Implicitly: Needs at least the simple approval workflow. **Implicit** mode bypasses the approval step(s) if the person who makes the role request is also the role officer. **Explicit** refuses said bypass. **Inherited** follows the policy decision to approve roles - implicitly or not. See the [Create a Policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md) topic for - additional information. + implicitly or not. See the [Create a Policy](/docs/identitymanager/saas/user-guide/optimize/policy-creation/index.md) topic for additional information. - Prolongation without a new approval workflow -- Hide in Simplified View: Hides the role from the users' **Simplified View** in **View - Permissions** dialog. This setting does not apply to roles which are either inferred or have - workflow states which require manual action. -- Maximum Duration: Duration (in minutes) after which the role will be automatically revoked, if no - earlier end date is specified. +- Hide in Simplified View: Hides the role from the users' **Simplified View** in **View Permissions** dialog. This setting does not apply to roles which are either inferred or have workflow states which require manual action. +- Maximum Duration: Duration (in minutes) after which the role will be automatically revoked, if no earlier end date is specified. + + :::note + The maximum duration impacts only the roles which are manually assigned after the maximum duration is set. Pre-assigned roles are not impacted. + ::: - **NOTE:** The maximum duration impacts only the roles which are manually assigned after the - maximum duration is set. Pre-assigned roles are not impacted. - If no duration is set on the role, the maximum duration of the associated policy is applied. - If the duration is set to 0 on the role, it prevents the associated policy from applying its @@ -110,8 +95,11 @@ New** at the top right corner. will be required to validate or decline the entitlement prolongation. Inferred entitlements won't be lost unless the end of the grace period is reached or the prolongation is declined. - **NOTE:** The grace period is only applied if the loss of the entitlement is due to a change in + :::note + The grace period is only applied if the loss of the entitlement is due to a change in the rules, i.e. rule deletion or criteria changes. + ::: + If the grace period is not defined, the value is inherited from the policy. diff --git a/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md b/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md index fb92dccfde..0befcc0de0 100644 --- a/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/single-roles-catalog-creation/role-naming-rule-creation/index.md @@ -8,7 +8,7 @@ sidebar_position: 10 How to create role naming rules, which create single roles using existing naming conventions from the managed system. See the -[ Role Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) +[Role Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) topic for additional information. ## Overview @@ -45,7 +45,7 @@ application's users, entitlements and data model. | Input | Output | | ------------------------------------------------------------------------------------ | --------------------------------------------------------- | -| [ Create a Provisioning Rule ](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) (required) | Role naming rule Single roles Navigation rules Categories | +| [Create a Provisioning Rule](/docs/identitymanager/saas/user-guide/set-up/provisioning-rule-creation/index.md) (required) | Role naming rule Single roles Navigation rules Categories | ## Create a Role Naming Rule @@ -77,7 +77,7 @@ Create a role naming rule by proceeding as follows: - **+ New Rule**: a naming rule is based on the union of rules, themselves based on the intersection of rule items. A rule item specifies one of the conditions that will trigger the enforcement of the naming rule. See the - [ Role Mapping ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) + [Role Mapping](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/rolemapping/index.md) topic for additional information. - `Where Expression`: C# expression returning a boolean to condition the application of the rule. @@ -97,7 +97,7 @@ Create a role naming rule by proceeding as follows: [Expressions](/docs/identitymanager/saas/integration-guide/toolkit/expressions/index.md). - **Category**: the - [ Category ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) + [Category](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/category/index.md) for the future role(s). - `Identifier`: either matches an existing category and selects it, or doesn't match and diff --git a/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md b/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md index 9d0cd2339d..24b875ef3c 100644 --- a/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/synchronization/index.md @@ -26,46 +26,33 @@ the synchronization itself. #### Export -The -[ Export Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) -creates extractions, a snapshot of the managed system's data, used to insert and/or refresh the data -that is inside Identity Manager. Extractions are accessible when there is at least one connection -with an export-enabled -[ References: Packages ](/docs/identitymanager/saas/integration-guide/connectors/references-packages/index.md). -Extracted data becomes meaningful when it is loaded into resources as specified by the entity type -structure. +The [Export Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/exporttask/index.md) +creates extractions, a snapshot of the managed system's data, used to insert and/or refresh the data that is inside Identity Manager. Extractions are accessible when there is at least one connection with an export-enabled [References: Packages](/docs/identitymanager/saas/integration-guide/connectors/references-packages/index.md). +Extracted data becomes meaningful when it is loaded into resources as specified by the entity type structure. Exported data is stored inside CSV files in the folder `/{InstallationFolder}/Temp/ExportOutput`. #### Prepare synchronization -The -[ Prepare Synchronization Task ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md)performs -a preparatory data cleansing to spot errors and list them in a generated file in the -`/{InstallationFolder}/Work/Synchronization` folder. +The [Prepare Synchronization Task](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/jobs/tasks/agent/preparesynchronizationtask/index.md) performs a preparatory data cleansing to spot errors and list them in a generated file in the `/{InstallationFolder}/Work/Synchronization` folder. -> For example, this task spots an identity if it is linked to an organization code which doesn't -> exist. +> For example, this task spots an identity if it is linked to an organization code which doesn't exist. #### Synchronize The `Synchronize` task loads data into Identity Manager's database. -See the -[ Upward Data Synchronization ](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) +See the [Upward Data Synchronization](/docs/identitymanager/saas/integration-guide/synchronization/upward-data-sync/index.md) topic for additional information. ### Prerequisites #### Extracted data must have keys -Every extracted resource must have an attribute that serves as a primary key so that Identity -Manager can uniquely identify the resource to be added/updated/deleted during synchronization. You -must have defined keys during Entity Type creation. See the -[Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md) topic for additional -information. +Every extracted resource must have an attribute that serves as a primary key so that Identity Manager can uniquely identify the resource to be added/updated/deleted during synchronization. You must have defined keys during Entity Type creation. See the +[Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md) topic for additional information. -Extractions must not be modified before synchronization +**Extractions must not be modified before synchronization** Extractions must not be modified manually, for it may induce synchronization issues. @@ -74,7 +61,7 @@ Extractions must not be modified manually, for it may induce synchronization iss Also, synchronization must not be disturbed by a change in the source format, such as the deletion of a column in the middle of the file. -Thresholds must never be deactivated +**Thresholds must never be deactivated** Thresholds are essential safety guards that control all changes, for example preventing the overwriting of important data by mistake. Thresholds are by default activated to warn users when @@ -84,17 +71,13 @@ _"Threshold Exceeded"_ on the log page described below. Once the changes have been reviewed, the blocked job can be resumed (or not). -Thresholds are configured with default values using the following -[ Connector ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) -attributes: +Thresholds are configured with default values using the following [Connector](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/connectors/connector/index.md) attributes: - `MaximumDeletedLines`, `MaximumInsertedLines` and `MaximumUpdatedLines` for scalar properties; - `MaxPercentageDeletedLines`, `MaxPercentageInsertedLines` and `MaxPercentageUpdatedLines` for scalar properties by percentage; -- `MaximumLinkDeletedLines`, `MaximumLinkInsertedLines` and `MaximumLinkUpdatedLines` for navigation - properties; -- `MaxLinkPercentageDeletedLines`, `MaxLinkPercentageInsertedLines` and - `MaxLinkPercentageUpdatedLines` for navigation properties by percentage. +- `MaximumLinkDeletedLines`, `MaximumLinkInsertedLines` and `MaximumLinkUpdatedLines` for navigation properties; +- `MaxLinkPercentageDeletedLines`, `MaxLinkPercentageInsertedLines` and `MaxLinkPercentageUpdatedLines` for navigation properties by percentage. ## Participants and Artifacts @@ -104,7 +87,7 @@ At this point, integrators should have all the elements they need to perform syn | ------------------------------------------ | ----------------- | | Connector with its entity types (required) | Synchronized data | -See the [ Connect to a Managed System ](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) topic for additional +See the [Connect to a Managed System](/docs/identitymanager/saas/user-guide/set-up/connect-system/index.md) topic for additional information. ## Launch Synchronization @@ -137,18 +120,13 @@ Launch synchronization for a given managed system by proceeding as follows: ## Manage Synchronization Automation -Export and synchronization are executed manually from the connector screens. By default, they are -also part of scheduled [ Jobs ](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) provided by -Identity Manager: +Export and synchronization are executed manually from the connector screens. By default, they are also part of scheduled [Jobs](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobs/index.md) provided by Identity Manager: -- the complete job is scheduled to launch a synchronization once a day of all resources, modified or - not; -- the incremental job is scheduled to launch a synchronization several times a day only of the - resources modified since the last synchronization. +- the complete job is scheduled to launch a synchronization once a day of all resources, modified or not; +- the incremental job is scheduled to launch a synchronization several times a day only of the resources modified since the last synchronization. See the [Set Up Incremental Synchronization](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobfast/index.md) -and [Set up Complete Synchronization](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobdaily/index.md) -topics for additional information. +and [Set up Complete Synchronization](/docs/identitymanager/saas/integration-guide/tasks-jobs/jobdaily/index.md) topics for additional information. Scheduling the jobs avoids manually triggering them everyday. @@ -172,12 +150,10 @@ All jobs are accessible on the **Job Execution** page in the **Administration** ## Verify an Entity Type's Synchronization -In order to verify both the synchronization configuration and -[Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md): +In order to verify both the synchronization configuration and [Create an Entity Type](/docs/identitymanager/saas/user-guide/set-up/connect-system/entity-type-creation/index.md): 1. Launch synchronization. -2. Access the connector's logs (from **Job Results** on the connector's dashboard) to ensure that - synchronization completed successfully. +2. Access the connector's logs (from **Job Results** on the connector's dashboard) to ensure that synchronization completed successfully. ![Jobs Results](/img/product_docs/identitymanager/saas/user-guide/set-up/synchronization/synchro_results_v603.webp) diff --git a/docs/identitymanager/saas/user-guide/set-up/user-profile-assignment/index.md b/docs/identitymanager/saas/user-guide/set-up/user-profile-assignment/index.md index 0737c0fa8e..77b5b24e11 100644 --- a/docs/identitymanager/saas/user-guide/set-up/user-profile-assignment/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/user-profile-assignment/index.md @@ -10,31 +10,21 @@ How to assign Identity Manager's access permissions to users through profiles. ## Overview -All the permissions to access items in Identity Manager, and to perform given actions, are managed -by assigning profiles to users and permissions to profiles. See the -[ Assigned Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) -and [References: Permissions](/docs/identitymanager/saas/integration-guide/profiles-permissions/permissions/index.md) -topics for additional information. +All the permissions to access items in Identity Manager, and to perform given actions, are managed by assigning profiles to users and permissions to profiles. See the [Assigned Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md) and [References: Permissions](/docs/identitymanager/saas/integration-guide/profiles-permissions/permissions/index.md) topics for additional information. ![Schema - Profile Assignment](/img/product_docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/profiles_schema.webp) For example, the access to the list of users with their personal data is usually restricted to HR people, and the possibility to modify personal data restricted to HR managers. -We define here a permission as an entitlement within Identity Manager. See the -[ Configure a User Profile ](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for additional -information. +We define here a permission as an entitlement within Identity Manager. See the [Configure a User Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. -Users are assigned profiles according to the permissions they need to work, at least one profile per -user. A user without a profile cannot access the application. Experience shows that most users have -one profile, sometimes two, and rare case have maximum three, or more. +Users are assigned profiles according to the permissions they need to work, at least one profile per user. A user without a profile cannot access the application. Experience shows that most users have one profile, sometimes two, and rare case have maximum three, or more. The goal here is to link users to basic profiles. -The right time to assign profiles to users is just before they need it, so it depends on the -deployment strategy. -For example, we connected a given application and now we want to list orphaned accounts. Then we -need to assign a role officer. +The right time to assign profiles to users is just before they need it, so it depends on the deployment strategy. +For example, we connected a given application and now we want to list orphaned accounts. Then we need to assign a role officer. The priority is often about resource managers who will review orphaned and unused accounts. @@ -44,16 +34,13 @@ Integrators must have the knowledge of who must be able to access what within Id | Input | Output | | ------------------------------ | ----------------- | -| Configured profiles (required) | Assigned profiles | - -See the [ Configure a User Profile ](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for additional -information. +| [Configured profiles](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) (required) | Assigned profiles | ## Assign a Profile to an Account In the following section you will read about how to assign a profile to an account. -Manual assignment +**Manual assignment** Assign manually a profile to a user by proceeding as follows: @@ -76,59 +63,38 @@ section. - **Deny this Profile**: Option that forbids the profile assignment instead of applying it. - **Start Date** and **End Date**: Particularly useful for profile delegation. -**NOTE:** If filters are defined in the Access Rules, and are assigned to the profile, a -**Criteria** section will appear containing them. Filters are conditions that, if met, trigger the -Access Control Rule Application. -The only filters which can be displayed in this section are filters related to dimensions or hard -coded criteria (Single Role, Composite Role, Resource Type and Category). -The filters are defined in the XML configuration on the access control rules. The criteria displayed -are a fusion of the filters of all the rules associated with the profile. See the -[Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) -topic for additional information. - -Automatic assignment - -The largest profiles with the most basic permissions (like a simple access to the application) -concern many identities and are low-privileged. Thus integrators can set up profile assignment rules -through the XML configuration in order to assign profiles automatically, based on accounts' resource -type and potentially specific criteria. See the -[Profile Rule Context](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md) -topic for additional information. +:::note +If filters are defined in the Access Rules, and are assigned to the profile, a **Criteria** section will appear containing them. Filters are conditions that, if met, trigger the Access Control Rule Application. +The only filters which can be displayed in this section are filters related to dimensions or hard coded criteria (Single Role, Composite Role, Resource Type and Category). +The filters are defined in the XML configuration on the access control rules. The criteria displayed are a fusion of the filters of all the rules associated with the profile. See the [Access Control Rule](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/accesscontrolrule/index.md) topic for additional information. +::: + + +**Automatic assignment** + +The largest profiles with the most basic permissions (like a simple access to the application) concern many identities and are low-privileged. Thus integrators can set up profile assignment rules through the XML configuration in order to assign profiles automatically, based on accounts' resource type and potentially specific criteria. See the [Profile Rule Context](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/profilerulecontext/index.md) topic for additional information. ![Launch Button](/img/product_docs/identitymanager/saas/user-guide/set-up/user-profile-assignment/launch_v603.webp) Click on **Launch** to apply these profile rules. -**NOTE:** Profile rules can also be applied through the same button on the **Profiles** page, by -clicking on **Settings** in the **Configuration** section, then on **General** > **Profiles** in the -left menu. +:::note +Profile rules can also be applied through the same button on the **Profiles** page, by clicking on **Settings** in the **Configuration** section, then on **General** > **Profiles** in the left menu. +::: + ## Delegate a Profile -Sometimes, users need to lend their entitlements, while on leave for example. In this case, it is -interesting to create new profiles, identical to the initial ones but without the right to delegate -the corresponding entitlements. +Sometimes, users need to lend their entitlements, while on leave for example. In this case, it is interesting to create new profiles, identical to the initial ones but without the right to delegate the corresponding entitlements. -For example, let us consider the Manager profile which we appointed as request validator per -department. In order to ensure the presence of all validators at all times, we choose to create a -Assistant Manager profile which is to be assigned occasionally to another user by a manager. A user -with the Assistant Manager profile will receive exactly the same entitlements as someone with the -Manager profile, except for the ability to assign the Assistant Manager to another user. +For example, let us consider the Manager profile which we appointed as request validator per department. In order to ensure the presence of all validators at all times, we choose to create a Assistant Manager profile which is to be assigned occasionally to another user by a manager. A user with the Assistant Manager profile will receive exactly the same entitlements as someone with the Manager profile, except for the ability to assign the Assistant Manager to another user. -Thus no workflow in Identity Manager can be blocked by the absence of the workflow's actors, and -security is ensured by preventing unwanted entitlement delegation. +Thus no workflow in Identity Manager can be blocked by the absence of the workflow's actors, and security is ensured by preventing unwanted entitlement delegation. ## Verify Profile Configuration and Assignment -In order to verify both profile configuration and assignment, check that a sample of users can -effectively perform the actions allowed by their profiles. See the -[ Configure a User Profile ](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for additional -information. +In order to verify both profile configuration and assignment, check that a sample of users can effectively perform the actions allowed by their profiles. See the [Configure a User Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md) topic for additional information. -A functioning and well-assigned profile must not trigger 403 errors in the server logs, nor in the -UI in the form of a red notification at the bottom right corner of the application. This kind of -error appears if an entitlement is incomplete, i.e. giving access to a button but not to the page -said button leads to. +A functioning and well-assigned profile must not trigger 403 errors in the server logs, nor in the UI in the form of a red notification at the bottom right corner of the application. This kind of error appears if an entitlement is incomplete, i.e. giving access to a button but not to the page said button leads to. -For example, you can check whether an ordinary user can access another user's personal data from the -**Directory** tile. +For example, you can check whether an ordinary user can access another user's personal data from the **Directory** tile. diff --git a/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md b/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md index 5a6d9a43a0..21de583674 100644 --- a/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md +++ b/docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/index.md @@ -6,15 +6,11 @@ sidebar_position: 50 # Configure a User Profile -How to tweak the -[References: Permissions](/docs/identitymanager/saas/integration-guide/profiles-permissions/permissions/index.md) for -actions within Identity Manager, for a set of basic -[ Assigned Profile ](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md). +How to tweak the [References: Permissions](/docs/identitymanager/saas/integration-guide/profiles-permissions/permissions/index.md) for actions within Identity Manager, for a set of basic [Assigned Profile](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/access-control/assignedprofile/index.md). ## Overview -All the permissions for accessing items and performing actions in Identity Manager are managed by -assigning profiles to users and permissions to profiles. +All the permissions for accessing items and performing actions in Identity Manager are managed by assigning profiles to users and permissions to profiles. ![Schema - Profile Assignment](/img/product_docs/identitymanager/saas/user-guide/set-up/user-profile-configuration/profiles_schema.webp) @@ -32,7 +28,7 @@ Permissions can be about: - workflows, which gives access to actions for users' lifecycle (onboarding-movement-offboarding), through the workflows provided by Identity Manager within the **Directory** pages; - reports, which gives access to Identity Manager's predefined reports about workforce. See the - [ Generate Reports ](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. + [Generate Reports](/docs/identitymanager/saas/user-guide/administrate/reporting/index.md) topic for additional information. - notifications, which enables notification reception when specific workflows are launched. Netwrix Identity Manager (formerly Usercube) recommends creating and using the following profiles: @@ -50,15 +46,12 @@ Netwrix Identity Manager (formerly Usercube) recommends creating and using the f A user can have up to 10 assigned profiles. The goal here is to create profiles and link specific permissions to the profiles, in order to build -a set of typical profiles that will later be assigned to users. See the -[Assign Users a Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-assignment/index.md) topic for additional information. -Instead of assigning permissions one by one to users, you will assign them sets of permissions (i.e. -profiles). +a set of typical profiles that will later be assigned to users. See the [Assign Users a Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-assignment/index.md) topic for additional information. +Instead of assigning permissions one by one to users, you will assign them sets of permissions (i.e. profiles). ### Responsibility scopes -Each permission can be assigned a responsibility scope, which represents the scope of action of -users with said permission. +Each permission can be assigned a responsibility scope, which represents the scope of action of users with said permission. > For example, managers can be assigned the `View Requests` and `Manage Accounts` permissions, but > only for the teams in which they have the manager title. In this case they will handle the @@ -72,7 +65,7 @@ Integrators must have the knowledge of the organization strategy towards the IGA | Input | Output | | -------------------------------------------------------------------------------------- | ------------- | -| [ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) (required) | User profiles | +| [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) (required) | User profiles | ## Configure a User Profile @@ -110,11 +103,8 @@ Configure a user profile by proceeding as follows: Before you can see the profile in action, it needs to be assigned to a user. -See the [Assign Users a Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-assignment/index.md) topic for additional -information. +See the [Assign Users a Profile](/docs/identitymanager/saas/user-guide/set-up/user-profile-assignment/index.md) topic for additional information. ## Next Steps -Once user profiles are configured, integrators can start configuring onboarding workflows. See the -[ Create the Workforce Repository ](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional -information. +Once user profiles are configured, integrators can start configuring onboarding workflows. See the [Create the Workforce Repository](/docs/identitymanager/saas/user-guide/set-up/initial-identities-loading/index.md) topic for additional information. diff --git a/docs/identitymanager/saas/whatsnew/index.md b/docs/identitymanager/saas/whatsnew/index.md index 0342f2765c..45b5916f67 100644 --- a/docs/identitymanager/saas/whatsnew/index.md +++ b/docs/identitymanager/saas/whatsnew/index.md @@ -18,7 +18,7 @@ Identity Manager (formerly Usercube) version. ## Netwrix Identity Manager (formerly Usercube) November 25, 2024 -New: Assigned Roles View +**New: Assigned Roles View** The new Assigned Roles page provides a role-centric view, displaying the list of users with permissions in a specified role category and including a downloadable report. This feature is @@ -26,7 +26,7 @@ currently in read-only preview, with additional functionality planned for the ne [Review Assigned Roles](/docs/identitymanager/saas/user-guide/administrate/assigned-roles/index.md) topic for additional information. -New: Context-Bound Manual Permissions +**New: Context-Bound Manual Permissions** Manual permission assignments can now be configured to be tied to a context end date using ‘ManualAssignmentEndDateLockedToContext’. For example, a contractor's manual permissions can be @@ -37,7 +37,7 @@ and [Remove Redundant Assignments](/docs/identitymanager/saas/user-guide/optimize/assignment-automation/remove-redundant-assignments/index.md) topics for additional information. -New: Suggested Multiple Correlations +**New: Suggested Multiple Correlations** A new option allows multi-correlation resource types to propose correlations with less than 100% confidence. This behavior is controlled by the new boolean ‘SuggestAllCorrellations’. The default @@ -46,14 +46,14 @@ lower-confidence suggestions. See the [Resource Type](/docs/identitymanager/saas/integration-guide/toolkit/xml-configuration/provisioning/resourcetype/index.md) topic for additional information. -Enhancement: Access Control and Workflows +**Enhancement: Access Control and Workflows** The maximum number of workflow actors is now configurable via the ‘MaxActors’ key in the ‘appsettings.json’ file. The default value of 20 can now be increased up to 50. See the [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topic for additional information. -Enhancement: Certifications and Risks +**Enhancement: Certifications and Risks** Extra options on certification screens (visible on the "..." button) can now be hidden by setting **Only allow approving and refusing on access certifications items** to **Yes**. This will leave @@ -61,19 +61,19 @@ only the **Approve** and **Deny** buttons visible. The default setting is **No** [Configure Global Settings](/docs/identitymanager/saas/user-guide/set-up/configure-global-settings/index.md) topic for additional information. -Enhancement: Connectors and Integrations +**Enhancement: Connectors and Integrations** Two new settings, ‘MaxPageSize’ and ‘DefaultPageSize’, have been introduced to control and optimize API call sizes. See the [Application Settings](/docs/identitymanager/saas/integration-guide/network-configuration/server-configuration/general-purpose/index.md) topic for additional information. -Enhancement: Jobs and Policy +**Enhancement: Jobs and Policy** Manual correlations for resources with multiple correlations can now be performed from the Resource Reconciliation screen. -Enhancement: Logs / Performance / Security +**Enhancement: Logs / Performance / Security** Incompatible C# expressions in the configuration will now be flagged during configuration imports. A new tool, ‘Identity Manager-Check-ExpressionsConsistency’, has been introduced to help identify @@ -89,11 +89,11 @@ of full evaluation modes, evaluating only necessary entity types, and avoiding r executions. Existing jobs are whitelisted, but new non-compliant jobs will generate errors during configuration imports. -Enhancement: UI / UX +**Enhancement: UI / UX** Various user interface improvements, including better tooltips on the Role Review screen. -Enhancement: Other +**Enhancement: Other** The ‘Identity Manager-Export-Bacpac’ tool now allows finer control over data extraction and anonymization options. See the