Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
Chris21 Filter field converts {DATETODAY} to date in UI only
Placed Filter
posend:GE:{DATETODAY}:or, posend:EQ:
into filter.
XML shows correct settings, but UI converts
into current date.
eg today this shows:
posend:GE:2013-03-07:or, posend:EQ:
GTR Filters cannot be seen on Chris21 Connector page
GTR Filters are not displayed on Connector. One must disable connector, then go into configuration to see configuration.
Entity does not need to be re-retrieved on update if no attachment handling present
The chris21 connector will always re-retrieve an updated entity from the repository for attachment handling. The retrieval should be moved entirely within the scope of the attachment handling section to avoid this needless performance hit.
Where is the doco on service account requirements
Could someone please tell me, or point me towards, the documentation which tells me the exact requirements for the IdB service account.
idB5 will run MA Imports on disabled Adapters
Executing an MA attached to a disabled adapter will import the last processed entity count
See screenshot attached
screen1.png
Bulk Update Request fails for two modifications to same entity
The LDAP engine is unable to process multiple modify requests to a single entity if they occur on the same page. It is simple enough to make the request handler map entity IDs to a list of requests rather than just a single request, but the real problem is merging the changes on the change report (which deals with IConnectorEntitys). Perhaps the effects of the requests should be merged at a level higher than this.
There are currently no known systems that will send requests like this, so this is not urgent.
Can a Relation.Group.dn transformation be used in conjunction with a filter?
I have configured the following adapter which references a placeholder PERSON connector, and I am trying to get back an "Orgs" collection using a Relation.Group.dn transformation. The following is my adapter configuration:
<!-- 000 Person --> <AdapterConfiguration BaseConnectorId="{A672CB12-2CA2-498b-8992-EAB883A1FC44}" AdapterId="{8291D830-AAA8-4e69-B4E7-AB1C4ABA53E7}" AdapterName="Person Adapter" class="person" > <dn> <dnComponent name="Field" key="AccountName" attributeType="UID" /> <dnComponent name="Constant" value="People" attributeType="OU" /> </dn> <adapterEntityTransformationFactory name="ChainList"> <adapter name="Relation.Group.dn" InputKey ="AccountName" RelationshipConnectorId ="{429AE766-0A1F-404a-ACC1-B4804C859146}" RelationKey ="UserIDName" RelationReference ="subKey" GroupTarget="Orgs"> <dn> <dnComponent name="Field" key="Code" attributeType="UID" /> <dnComponent name="Constant" value="Orgs" attributeType="OU" /> </dn> </adapter> </adapterEntityTransformationFactory> <image>removed</image> </AdapterConfiguration>
The problem I have is that this will return all (distinct) subKey objects associated with the UserIDName derived from an existing claims connector, where I only want to return those where another claims attribute ApplicationName="ESS". Is this possible, and if so how?
Content type usability improvement
Update the agent UI so that the content type setting automatically switches when that agent type setting is changed:
Agent Type | Content Type |
---|---|
WebServiceCommunicator | text/xml |
HttpCommunicator | application/x-www-form-urlencoded |
64-bit Installer
When somebody has a chance, can you please create a 64-bit installer for this?
No rush as x86 works fine, just means I have to copy files which is a bit of a pain
Cheers
Secure storage of password value for use with PowerShell connector
I have a requirement to send a password in clear text within the HTTP header (only protection is SSL) when calling the SAP ODATA API. This cannot be in encoded form, so I cannot use the standard approach used say when calling the Exchange API to provision a mailbox. Is there a way that an encoded password can be accessed and decoded from within the Identity Broker configuration itself (e.g. via a $variable), so that it is not exposed to anyone viewing the IdB configuration?
As an alternative to the Exchange style file-based encoding mechanism I am saving the Base64 encoded password to a text file for now, but this is not exactly secure. If the answer to the above is no, and there are any alternatives that you are aware of please advise.
Customer support service by UserEcho