Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

+5
Under review
Aneesh Varghese 1 year ago in CSV connector • updated by Adam van Vliet (Product Manager) 1 year ago 1

Add the ability for the FTP agent to connect to SFTP servers. Also update the CSV connector if required to be able to use the updates to the connector.

+5
Planned
Aneesh Varghese 2 years ago in CSV connector • updated by Adam van Vliet (Product Manager) 1 year ago 5

CSV Connector using FTP agent currently doesn't support write/export operation but only import. Understood, it is a bit more complicated than updating a local file but can we look to see what we can do or suggest a workaround to cater write operation.


Some HR Systems like "PayGlobal" currently doesn't have a Web Service interface and the only option for integration is CSV/file extracts. Systems like PayGlobal is also remotely hosted on the Vendors Cloud environment and does require remote file transfer.


Thanks,

Aneesh

+3
Completed
Adam van Vliet (Product Manager) 10 months ago • updated by Curtis Lusmore 4 months ago 3

Whilst Azure Log Analytics can be logged to using PowerShell (see here for details), I'm adding this issue to get feedback on whether the community would be interested in a built-in Identity Broker log writer to log to Azure Log Analytics (for example using this).

Answer
Curtis Lusmore 4 months ago

To be included in the upcoming Identity Broker v5.2 release.

+3
Under review
Matthew Davis 1 year ago • updated by Adam van Vliet (Product Manager) 1 year ago 1

When a connector is stopped, adapters attached to it are also stopped (logically). But when you restart the connector again the adapter isn’t automatically restarted.

Would it be possible to implement a check that when an adapter is queried by FIM, if the adapter was turned off automatically it checks whether its dependencies are back on again and automatically turns back on? But if it was turned back on manually then it stays off and throws an error?

+3
Completed
Boyd Bostock 1 year ago in Identity Broker for Google Apps • updated by Adam van Vliet (Product Manager) 10 months ago 2

Can Identity Broker for Google Apps be made available for Identity Broker v5?


This Broker can manage more attributes than the Google Apps Directory Synchronization and can make use of existing PCNS deployments rather than require Google Apps Password Sync GAPS which needs to be installed on all DCs and is limited to one Google Apps domain.


Cairns Catholic Education will use it and Brisbane Catholic Education would be likely to use it to replace GAPS and GADS with FIM/MIM and IdB.

+3
Declined
Adam Bradley 1 year ago • updated by Adam van Vliet (Product Manager) 4 weeks ago 1
Answer

This belongs with marketing.

+3
When using the PowerShell connector, it is sometimes required to calculate what differences there are to an entity at an attribute level.

As Identity Broker already has the ability to produce this, it would be good to have an option to have this pre-calculated for consumption in the PowerShell script.
+3
Under review
Shane Day (Chief Technology Officer) 2 years ago • updated 2 years ago 1
In order to meet a number of organisations for accessibility standards, particularly for larger value supply contracts, having WCAG 2.0 compliance of Identity Broker would ensure all administration users can use Identity Broker.
+2
Completed
Matthew Davis 8 months ago • updated by Adam van Vliet (Product Manager) 8 months ago 1

Currently we have the ability to use a provided interface to implement a custom connector that can synchronize data in a specified manner.

Understanding that we have the powershell logging and adapter transformation ability, I feel that it would be beneficial to give people the ability to write custom transformations and custom logging providers that can be loaded into IDB in the same way that custom connectors can be.

This would provide the ability for extended transformations that may be complex to be packaged and used as necessary, avoiding messy powershell scripts. It would also abstract the logging capabilities from the base IDB install, which means that any changes in provider functionality do not need a new release to be distributed (IE splunk changing its data endpoint).

Answer

Transformations are already pluggable, they are done in a similar manner to connectors. The difference being that the transformation generator is added into to adapter engine; and the UI uses ExtensibleTransformationController instead of ExtensibleConnectorController. There aren't instructions because no-one has been interested in this before, and we added PowerShell as the extensibility point.

The log writers are technically pluggable, in the service. However, they cannot be added into the UI - meaning they can't be configured. As with the transformation, we have added PowerShell as the extensibility point. I imagine the demand for extensibility in the logging is non-existent due to the PowerShell writer. Any log writers that would be of value would be incorporated into the product. Any breaking changes (as with your Splunk example) would be fixed up in the product, as with any breaking change.

+2
Under review
Matthew Davis 1 year ago • updated by Adam van Vliet (Product Manager) 1 year ago 2

Currently if the IDB scheduler is disabled, no connectors can run the full imports. When migrating between environments, sometimes you will copy the connector configurations across (which include a timed schedule for scheduled runs). However when doing data load for migration, you want to be able to run the specific connector full imports without other things running by themselves. Currently if the scheduler is disabled nothing can be run on the connector. Would be handy if connector imports could be run manually even with the scheduler disabled.