Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

+3
Completed

Create a built-in log writer for Azure Log Analytics

Adam van Vliet (Chief Information Security Officer) 3 years ago • updated by anonymous 2 years ago 3

Whilst Azure Log Analytics can be logged to using PowerShell (see here for details), I'm adding this issue to get feedback on whether the community would be interested in a built-in Identity Broker log writer to log to Azure Log Analytics (for example using this).

Answer
anonymous 2 years ago

To be included in the upcoming Identity Broker v5.2 release.

+3
Completed

Adapter auto start

Matthew Davis (Engineering Manager) 3 years ago • updated by anonymous 2 years ago 2

When a connector is stopped, adapters attached to it are also stopped (logically). But when you restart the connector again the adapter isn’t automatically restarted.

Would it be possible to implement a check that when an adapter is queried by FIM, if the adapter was turned off automatically it checks whether its dependencies are back on again and automatically turns back on? But if it was turned back on manually then it stays off and throws an error?

Answer
anonymous 2 years ago

Available in 5.2.1

+3
Declined

IdB battle card for competing products

Adam Bradley 3 years ago • updated by anonymous 2 years ago 1
Answer
anonymous 2 years ago

This belongs with marketing.

+3
Completed

Option to send entity attribute level differences to PowerShell

Shane Day (Chief Technology Officer) 4 years ago • updated by anonymous 2 years ago 1
When using the PowerShell connector, it is sometimes required to calculate what differences there are to an entity at an attribute level.

As Identity Broker already has the ability to produce this, it would be good to have an option to have this pre-calculated for consumption in the PowerShell script.
Answer
anonymous 2 years ago

Added to backlog. It's pretty trivial, so should get done quickly.

+3
Completed

WCAG 2.0 compliance

Shane Day (Chief Technology Officer) 4 years ago • updated by anonymous 2 years ago 2
In order to meet a number of organisations for accessibility standards, particularly for larger value supply contracts, having WCAG 2.0 compliance of Identity Broker would ensure all administration users can use Identity Broker.
Answer
anonymous 2 years ago

Will be addressed by new UI.

+2
Completed

Allow for modular adapter transformations and logging providers

Matthew Davis (Engineering Manager) 2 years ago • updated by anonymous 2 years ago 1

Currently we have the ability to use a provided interface to implement a custom connector that can synchronize data in a specified manner.

Understanding that we have the powershell logging and adapter transformation ability, I feel that it would be beneficial to give people the ability to write custom transformations and custom logging providers that can be loaded into IDB in the same way that custom connectors can be.

This would provide the ability for extended transformations that may be complex to be packaged and used as necessary, avoiding messy powershell scripts. It would also abstract the logging capabilities from the base IDB install, which means that any changes in provider functionality do not need a new release to be distributed (IE splunk changing its data endpoint).

Answer
anonymous 2 years ago

Transformations are already pluggable, they are done in a similar manner to connectors. The difference being that the transformation generator is added into to adapter engine; and the UI uses ExtensibleTransformationController instead of ExtensibleConnectorController. There aren't instructions because no-one has been interested in this before, and we added PowerShell as the extensibility point.

The log writers are technically pluggable, in the service. However, they cannot be added into the UI - meaning they can't be configured. As with the transformation, we have added PowerShell as the extensibility point. I imagine the demand for extensibility in the logging is non-existent due to the PowerShell writer. Any log writers that would be of value would be incorporated into the product. Any breaking changes (as with your Splunk example) would be fixed up in the product, as with any breaking change.

+2
Completed

Import with Scheduler disabled

Matthew Davis (Engineering Manager) 3 years ago • updated by anonymous 2 years ago 3

Currently if the IDB scheduler is disabled, no connectors can run the full imports. When migrating between environments, sometimes you will copy the connector configurations across (which include a timed schedule for scheduled runs). However when doing data load for migration, you want to be able to run the specific connector full imports without other things running by themselves. Currently if the scheduler is disabled nothing can be run on the connector. Would be handy if connector imports could be run manually even with the scheduler disabled.

Answer
anonymous 2 years ago

Added in 5.2.1

+2
Completed

Connector Entity Viewing Headers

Matthew Davis (Engineering Manager) 3 years ago • updated by anonymous 2 years ago 2

When viewing connector entities in IdB, there is a heading up the top which shows column names. Currently if the value of fields is large (such as an XML blob), you have to scroll to the bottom of the page to scroll vertically but then cannot see your column names which makes it difficult to know which column you're viewing.

Would it be possible to put the column names down the bottom of the table as well as up the top so you can see them at all times while scrolling?

+2
Completed

Individual Scheduler Pausing

Matthew Davis (Engineering Manager) 3 years ago • updated by anonymous 2 years ago 3

Currently to pause a schedule for an connector you have to either disable the connector or delete the schedule for that connector.

Sometimes you want to stop the schedule for one specific connector, but still be able to run the connector. Would it be possible to add in a pause option for individual schedules per connector rather than the overall schedule?

+1
Completed

Identity Broker dashboard enhancements

Andrew Silcock 3 years ago • updated by anonymous 2 years ago 3

In doing development I found myself continually jumping between IDB Connector and Adapter pages to look at high level statistics such as polling object counts and pending changes on a few adapters - this can result in having half a dozen tabs open for this purpose.


As an enhancement it would be nice if the IDB Dashboard displayed some more high level statistics such as last run time/status, object counts and pending changes (for adapters) to get a more complete view of the system state.

Answer
anonymous 2 years ago

This is definitely something that will be considered if/when we do the UI rewrite.