FIM Portal Workflow Definitions
Resource Type: EmailTemplate
  1. DEEWR-Invitation accepted
  2. DEEWR-Invitation delivered
  3. DEEWR-Invitation lodged
  4. DEEWR-Invitation rejected template
  5. DEEWR-Invitee cannot be resolved template
  6. Default expiration notification email template
Resource Type: FilterScope
  1. Administrator Filter Permission
  2. Non-Administrator Filter Permission
Resource Type: ManagementPolicyRule
  1. Administration: Administrators control synchronization rule resources
  2. DEEWR-Accepted invitations are applied to user entitlements
  3. DEEWR-Accepted invitations are applied to user entitlements by invitees
  4. DEEWR-ADMIN ROLE claims are linked to a user
  5. DEEWR-All claims with missing references are deleted
  6. DEEWR-Claims are updated with referenced display names
  7. DEEWR-Claims for IAMOSC ADMIN ROLES are created or updated for a user
  8. DEEWR-Claims for IAMSSC ADMIN ROLES are created or updated for a user
  9. DEEWR-Claims for ORGS are removed for a user
  10. DEEWR-Claims for OTHER ADMIN ROLES are created or updated for a user
  11. DEEWR-Claims for ROLES are removed for a user
  12. DEEWR-Claims for SITES are removed for a user
  13. DEEWR-Claims which are invalid for a given ORG and APPLICATION are deleted for a user
  14. DEEWR-FIM workflow changes to claims trigger Event Broker
  15. DEEWR-FIM workflow changes to users trigger Event Broker
  16. DEEWR-Initial password is cleared after user is first provisioned to AD
  17. DEEWR-Invalid esg roles for sites are removed
  18. DEEWR-Invalid esg sites and roles for org are removed
  19. DEEWR-Invitations where invitee cannot be resolved are deleted
  20. DEEWR-Invitees are resolved for new invitations
  21. DEEWR-Migrated Claims for ORGS are created or updated for a user
  22. DEEWR-Migrated Claims for ROLES are created or updated for a user
  23. DEEWR-Migrated Claims for SITES are created or updated for a user
  24. DEEWR-Notify new invitations
  25. DEEWR-Org admins are recalculated for a ad-hoc user set
  26. DEEWR-Org admins are recalculated for a user
  27. DEEWR-Org users are have matching OSC IDs recalculated
  28. DEEWR-Org users are updated with the matching OSC IDs
  29. DEEWR-Outbound policy for Claims to SQL
  30. DEEWR-Outbound Policy for Users to AD
  31. DEEWR-Rejected invitations are deleted
  32. DEEWR-Role claims are deleted when there is no claim value
  33. DEEWR-Site admins are recalculated for a user
  34. DEEWR-Site users are have matching SSC IDs recalculated
  35. DEEWR-Site users are updated with the matching SSC IDs
  36. DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-contracts
  37. DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-orgs
  38. DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-roles
  39. DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-roleTemplates
  40. DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-sites
  41. DEEWR-Synchronisation: Synchronisation Engine can read and update Claims
  42. DEEWR-Synchronization: Synchronization account controls users it synchronizes
  43. DEEWR-Synchronization: Synchronization engine can read and update DEEWR-roles
  44. DEEWR-Target MPRs for batch jobs falling due are activated
  45. DEEWR-User changes to claims trigger Event Broker
  46. DEEWR-User changes to role templates trigger Event Broker
  47. DEEWR-User changes to users trigger Event Broker
  48. DEEWR-Users are set with default properties
  49. DEEWR-Users are updated with a new OSC
  50. DEEWR-Users are updated with a new SSC
  51. DEEWR-Users are updated with a removed OSC
  52. DEEWR-Users are updated with a removed SSC
  53. Synchronization: Synchronization account can delete and update expected rule entry resources
  54. Synchronization: Synchronization account controls detected rule entry resources
  55. Synchronization: Synchronization account controls synchronization configuration resources
  56. Synchronization: Synchronization account controls users it synchronizes
  57. Temporal policy workflow: Impending group resource expiry notification
Resource Type: Set
  1. Administrators
  2. All DEEWR Admin Role Claims
  3. All DEEWR Batch jobs for activation
  4. All DEEWR Claim administrators
  5. All DEEWR claim administrators and FIM services
  6. All DEEWR Claims
  7. All DEEWR claims for IAMOSC
  8. All DEEWR claims for IAMSSC
  9. All DEEWR Domain users for provisioning
  10. All DEEWR IAM SD3 and OSC users
  11. All DEEWR invalid claims to be deleted
  12. All DEEWR Org Claims
  13. All DEEWR Role Claims
  14. All DEEWR role claims to be deleted
  15. All DEEWR Site Claims
  16. All DEEWR Users
  17. All DEEWR users for ad hoc validation
  18. All DEEWR users for admin validation
  19. All DEEWR users with invalid ORG Admins
  20. All DEEWR users with invalid SITE Admins
  21. All DEEWR Users with migrated IAMOSC ADMIN ROLE claims
  22. All DEEWR Users with migrated IAMSSC ADMIN ROLE claims
  23. All DEEWR Users with migrated OTHER ADMIN ROLE claims
  24. All DEEWR users with provisioning DREs
  25. ALL DEEWR Users with valid ORG claims
  26. ALL DEEWR Users with valid ROLE claims
  27. All DEEWR Users with valid SITE claims
  28. All DEEWR Users without valid APPs
  29. All DEEWR-esg-claims with valid references
  30. All DEEWR-esg-contracts
  31. All DEEWR-esg-invitations
  32. All DEEWR-esg-invitations accepted
  33. All DEEWR-esg-orgs
  34. All DEEWR-esg-role templates
  35. All DEEWR-esg-roles
  36. All DEEWR-esg-roleTemplates
  37. All DEEWR-esg-sites
  38. All DEEWR-roles
  39. All Detected Rule Resources
  40. All expected rule resources
  41. All Groups and Sets
  42. All ma-data and mv-data Resources
  43. All People
  44. All Synchronization Rule Resources
  45. DEEWR-All invitations that failed to resolve
  46. DEEWR-All rejected invitations
  47. DEEWR-All unresolved invitations
  48. DEEWR-All valid claims
  49. DEEWR-Forefront Identity Manager Service Account
  50. DEEWR-Invitations with resolved invitees
  51. Expiring Group Resources
  52. Synchronization Engine
Resource Type: SynchronizationRule
  1. DEEWR-Outbound Synch Rule for Claims to SQL
  2. DEEWR-Outbound Synch Rule for Users to AD
Resource Type: WorkflowDefinition
  1. DEEWR - Event Broker Data Changes
  2. DEEWR - Event Broker Rule Changes
  3. DEEWR-Activate batch job
  4. DEEWR-Add org admins for an OSC
  5. DEEWR-Add site admins for an SSC
  6. DEEWR-Apply invitation to entitlements
  7. DEEWR-Clean up after user account is provisioned
  8. DEEWR-Create or update user ESG ORG claims
  9. DEEWR-Create or update user ESG ROLE claims
  10. DEEWR-Create or update user ESG SITE claims
  11. DEEWR-Create or update user IAMOSC ADMIN ROLE claims
  12. DEEWR-Create or update user IAMSSC ADMIN ROLE claims
  13. DEEWR-Create or update user OTHER ADMIN ROLE claims
  14. DEEWR-Delete invalid user claims for Org and Application
  15. DEEWR-Delete invitation where invitee not resolved
  16. DEEWR-Delete Object by ID
  17. DEEWR-Delete rejected invitation
  18. DEEWR-Delete user ESG ORG claims
  19. DEEWR-Delete user ESG ROLE claims
  20. DEEWR-Delete user ESG SITE claims
  21. DEEWR-New users are set with default properties
  22. DEEWR-Notify invitee resolved OK
  23. DEEWR-Outbound workflow for Claims to SQL
  24. DEEWR-Outbound Workflow for Users to AD
  25. DEEWR-Recalculate org admins for an org
  26. DEEWR-Recalculate site admins for a site
  27. DEEWR-Remove invalid esg roles for user sites
  28. DEEWR-Remove invalid esg sites and roles for user orgs
  29. DEEWR-Remove org admins for an OSC and delete claim
  30. DEEWR-Remove site admins for an SSC and delete claim
  31. DEEWR-Reset OSCs for a user
  32. DEEWR-Reset SSCs for a user
  33. DEEWR-Resolve org invitee
  34. DEEWR-Set claim sync values
  35. DEEWR-Set OSCs for a user ORG claim
  36. DEEWR-Set SSCs for a user SITE claim
  37. DEEWR-Update ADMIN ROLE claims for a user
  38. Expiration Workflow
  39. Filter Validation Workflow for Administrators
  40. Filter Validation Workflow for Non-Administrators
  41. Group Expiration Notification Workflow
  42. Group Validation Workflow
  43. Owner Approval Workflow
  44. Password Reset Action Workflow
  45. Password Reset AuthN Workflow
  46. Requestor Validation With Owner Authorization
  47. Requestor Validation Without Owner Authorization
  48. System Workflow Required for Registration
Resource Type: EmailTemplate
1. DEEWR-Invitation accepted ^Top
ObjectID DEEWR-Invitation accepted
CreatedTime 16/05/2011 13:34:51
DisplayName DEEWR-Invitation accepted
EmailBody User <b>[//WorkflowData/DEEWR-userName]</b> is now eligible for additional claims based on additional ORG: <b>[//WorkflowData/DEEWR-subKeyName]</b>.
EmailSubject Invitation for [//WorkflowData/DEEWR-userName] has been accepted
EmailTemplateType Notification
ObjectType EmailTemplate
2. DEEWR-Invitee cannot be resolved template ^Top
ObjectID DEEWR-Invitee cannot be resolved template
CreatedTime 13/05/2011 6:39:35
DisplayName DEEWR-Invitee cannot be resolved template
EmailBody Your invitation for [//WorkflowData/invitee] to be granted org or site access has been deleted because it could not be resolved.
EmailSubject Invitation for [//WorkflowData/invitee] cannot be resolved
EmailTemplateType Notification
ObjectType EmailTemplate
3. DEEWR-Invitation rejected template ^Top
ObjectID DEEWR-Invitation rejected template
CreatedTime 16/05/2011 12:35:25
DisplayName DEEWR-Invitation rejected template
EmailBody Your invitation for <b>[//WorkflowData/invitee]</b> to be granted org or site access has been deleted because it was rejected.
EmailSubject Invitation for [//WorkflowData/invitee] has been rejected
EmailTemplateType Notification
ObjectType EmailTemplate
4. DEEWR-Invitation lodged ^Top
ObjectID DEEWR-Invitation lodged
CreatedTime 17/05/2011 7:52:56
DisplayName DEEWR-Invitation lodged
EmailBody Admin user <b>[//Target/DEEWR-esg-inviter]</b> has requested approval for <b>[//Target/DEEWR-userID]</b> to be eligible for additional claims based on additional ORG: <b>[//Target/DEEWR-esg-organisationID]</b>.
EmailSubject Invitation for [//Target/DEEWR-esg-invitee] has been lodged
EmailTemplateType Notification
ObjectType EmailTemplate
5. DEEWR-Invitation delivered ^Top
ObjectID DEEWR-Invitation delivered
CreatedTime 14/07/2011 9:01:15
DisplayName DEEWR-Invitation delivered
EmailBody Admin user <b>[//Target/DEEWR-esg-inviter]</b> requests that <b>[//Target/DEEWR-userID]</b> join ORG: <b>[//Target/DEEWR-esg-organisationID]</b><cr> ...To accept or reject this request please click <cr><b><a href="http://edmgt051/IdentityManagement/aspx/customized/CustomizedObjects.aspx?type=DEEWR-esg-invitation&display=DEEWR-esg-invitation" target="_top">this link</a></b>
EmailSubject Invitation from [//Target/DEEWR-esg-inviter] to join ORG: [//Target/DEEWR-esg-organisationID]
EmailTemplateType Notification
ObjectType EmailTemplate
6. Default expiration notification email template ^Top
ObjectID Default expiration notification email template
CreatedTime 25/10/2010 14:39:22
DisplayName Default expiration notification email template
EmailBody The [//Target/ObjectType], [//Target/DisplayName], is due to expire on [//Target/ExpirationTime]. If you do not wish the [//Target/ObjectType] to be deleted, then you should extend its expiration date.
EmailSubject [//Target/ObjectType] Expiration
EmailTemplateType Notification
ObjectType EmailTemplate
Resource Type: FilterScope
1. Administrator Filter Permission ^Top
ObjectID Administrator Filter Permission
AllowedAttributes Resource ID #703c5735-0d86-44a5-82c3-75550498e600; Account Name #3e04bbbf-014f-413c-8d07-6276cd383be8; Action Parameter #85f1c7b2-a910-4947-9ea0-d1686dd94bd1; Action Type #88035713-8701-413b-890e-fb1b67e75e41; Action Workflows #080a0df8-cfe2-4417-b39a-b301373b6c69; Action Workflow Instance #04465efc-a55c-43a4-9302-f1a626bbbd52; Activity Name #09fe0d1d-294f-4670-bfbe-d50fd418a783; AD User Cannot Change Password #29988985-5988-41a4-9349-22bd8fc0093a; Address #f2a28530-fcef-47e1-8aac-61e1d7b516e7; Allowed Attributes #68c270fa-3b93-4393-9435-02b00db03f12; Allowed Membership References #9c4df473-3f34-455c-ae88-0826011b677b; Applies to Create #e113b8c8-5dee-4175-bf72-f717b824e833; Applies to Edit #c6d13a78-53d7-42ad-8735-07d5cf37407e; Applies to View #cb65885b-4b02-4ad3-b477-ce150f1ea915; Approval #37b40c9a-4cc5-42fa-b19a-bd1595831186; Approval Duration #719476c5-aeb3-4306-8c41-cbe17ed49c5d; Approval Response #dad0b4d3-b199-4cef-87e0-6e2a915e2e58; Approval Status #da7adf58-d769-48bf-b8c0-2225d1dca3e8; Approval Threshold #775a4d9d-7d87-49ed-a612-c4db117bda5f; Approver #2849e58d-b587-4b2f-884d-fea3ea3a1503; Assembly #2dbb5b0f-6c16-4290-8e73-d6418e2ae4e9; Assembly Name #5eb9b506-86d1-4455-bfb1-466dbb01f875; Assistant #df1b9fa9-8398-4b8a-a227-da88146badf0; Authentication Workflows #fbeec2c3-2cb0-434b-8500-5d865e57251c; Authentication Workflow Instance #23773893-79a3-4acd-b3c5-0708f58b40f9; Lockout Gate Registration Data Ids #a9c1fb53-0fac-4df7-bab0-f63ec88fcd8b; AuthN Workflow Locked Out #a44b310f-190c-40f9-8307-0e5777e3f741; AuthN Workflow Registered #0f91f56e-6510-4195-9c17-7b11560edcf0; Authorization Workflows #7879912d-aec6-4954-9eae-2485f6b664c1; Authorization Workflow Instance #bcdfa59d-4e0b-4d4e-b60b-dd12b2a15d22; Attribute Type #54ccb308-7cc9-451e-a952-0f071e95c917; Resource Type #9f35c912-18bb-4b73-b128-281be0cae32f; Branding Center Text #f1b5b955-fe30-4d45-834b-2b2fb4095381; Branding Left Image #6618a104-8e54-45ab-8ed7-facdbea1c137; Branding Right Image #4dc25855-acd2-451d-b9a6-2c8298b798bc; City #0c89fc1b-0277-40b9-a3e6-9fefc6ca941e; Clear Registration #77856d7e-e15c-48d7-ae31-d704d3355bb5; Committed Time #c79a520a-8829-4e8d-881d-85106a659482; Company #93d6fff0-471f-4aa2-9e71-eec04441cdca; Computed Actor #d30313b9-373f-44be-9193-b141efaf63e9; Computed Member #a6962149-c8db-47d8-ad4e-780d94c10795; Configuration Data #b540d122-96ad-4231-9aed-f1d81d1704cb; External System Resource Type #4970cd48-a8f9-465d-bb4c-c2559a287819; External System #6444efb5-1ccf-45dc-9e95-38cad9e6535a; External System Scoping Filter #1c95ea87-febc-41ba-8c84-eb5fa9060ec8; Connector #ea11f32e-ff73-4d8c-b497-55aca16ee988; Constant Value Key #1150a08e-f38d-467b-8a9b-5a08643c0383; Contact Set #6d859105-9068-4c20-9fd1-cd549b5e6dbf; Cost Center #c7b905ba-bc2b-4e67-9759-88e58d5f5d57; Cost Center Name #44c2ba14-9106-43f1-ac9e-b860d0769df3; Country/Region #c3a508ca-2f87-4b62-a130-1e080f1828a2; Resource Count #0d617356-001b-47e4-9d37-59b447dfe34e; Create External System Resource #69dc8a50-3508-4a6e-8cb8-738f7905b708; Created Time #194cd907-6bb7-473b-9581-4ba332234827; Create FIM Resource #c1508001-380d-4ee2-bad5-03d239282aa4; Creator #d6c0457f-d0ed-497b-b52a-e94f49f35c06; Data Type #73c26865-473a-48c8-8c59-b6d33d16998a; Decision #c995713f-4a99-4b43-b58e-64492b562445; Deleted Time #eccde56e-0f47-4bd6-bb65-f0b5ecb4d2df; Department #5399a6e8-ec8e-476a-8267-efeb502267f6; Dependency #a65e77b4-d89c-4af8-92b9-531bf1c32f9c; Description #c66a012e-72af-46c3-b95b-c2779c6bcd3f; Detected Rules List #c851725e-3201-42b0-adb5-6f49e166ad3c; Disabled #e7fddbc2-919c-4ebe-b909-97c9048afd90; Disconnect External System Resource #9c79ecd4-2102-496d-aa34-786595ba8fa6; Displayed Owner #15c50153-ea0a-48cb-b140-ed5f93a73b49; Display Name #7dcc83b6-8be7-4717-a1ac-62b0b1b7ce29; Distribution Group Domain #0b7ba89b-3646-48dd-ab74-452f774ee736; Domain #da0212dc-9f78-483f-a318-5ac275175530; Domain Configuration #0570d290-f66c-4c06-9e2f-7f97161fe234; E-mail #ba33a27e-a0f1-49dd-8652-9f648b168f6e; Body #f81486a3-e813-43c4-b149-dfc1dee94f0e; Subject #338cac61-e2e4-4312-8011-d5f2008363a4; Template Type #eaaabcd6-fd4f-4c0e-9cea-1e7cc3874d12; Employee End Date #5e65f04d-8ab7-4f70-b91b-052be33c343b; Employee ID #ce497121-8d0b-4f1f-9cb0-4c1324496163; Employee Start Date #9d2bafbe-d619-4c9e-87f2-760a7ec181bf; Employee Type #a742d99f-8f40-41ca-b0b1-f68879a82a83; Endpoint Address #ad08a089-d799-4b8e-8ec4-89c746768664; Existence Test #12a0aa52-f366-4154-95f8-3b4942f50f1f; Expected Rule Entry Action #3f5a00b1-fbae-4252-88d3-dcf7edf8b449; Expected Rules List #0b28567e-f97e-42d8-8aa3-c73cdc4087c9; Expiration Time #1bbba958-4aa1-4752-8443-076e4c8ed04c; Manually-managed Membership #604484e7-8745-4667-8680-e4b501ad131a; Filter #43d86477-dc6d-4d28-a339-a7c322a06fe4; First Name #58650157-dd41-4507-8c5b-fc412ed09587; Data Flow Direction #3863c309-5c0f-4ec0-a8e7-c56ed9f8df03; Foreign Security Principal Set #028854f0-d492-45e0-9951-a2418e4dc740; Forest Configuration #a18c9d0c-2bdb-4843-b484-65fca7105baa; Freeze Count #92f7c54a-a446-45e9-b042-3e663611f1cc; Freeze Level #d119290b-df3d-4674-a794-4b30c028cee3; Function Name #9bb52445-8718-4eae-9654-5412646edf1d; Parameters List #dc4c6143-2785-483e-b8af-f32cefde9a09; Gate Data #ff9d22ce-a3dd-43e6-bdd6-2c0b97b3bc53; Gate ID #8f63f1d8-bf84-40f2-a557-764768c84e40; Gate Type #4025cfd6-1fd1-450f-93e5-22da3cc1078e; Grant Right #6db5d53c-411e-4f11-a4ca-8eb45ead5b9a; Has Collateral Request #15330b6d-93fb-4ad4-9e55-782f1dad0ce4; FIM Resource Type #87f7b4d7-eca8-414a-9c47-c1d86f1285e4; Image Url #21af66fa-2dbc-489d-af21-ec13993ad158; Initial Flow #f6c1a1ad-4fe6-4a14-b3de-fb6c27e26528; Integer Maximum #a6a1761b-72a8-4e4c-b12e-d00e25ab82a2; Integer Minimum #712cf433-2918-486b-a2b9-5a93719c20d1; Is Action Activity #d9735b18-649d-4ee9-b1f8-eb578e4ae532; Is Authentication Activity #ab2dc728-4b52-47ea-9a9f-e440646397d4; Is Authorization Activity #d41c2968-93db-4460-a196-d03e22320a45; Is Configuration Type #95a8a0bc-b3bb-48af-a176-2d725c59d735; RAS Access Permission #e83e5d26-9e71-4b6c-88ec-b5623de2185e; Job Title #2b57ca23-0967-45aa-a2a8-d1707aa00a12; Last Name #843df943-b828-49fd-88da-c4ad8567147c; Last Reset Attempt Time #31529fe6-2226-475c-9188-8229fbfb4c76; ListView Cache Time Out #0ead4e83-918e-4d76-9e9c-18f853051cef; ListView Items per Page #d344081b-bfa9-4967-bd86-8920a46f20b1; ListView Pages to Cache #8fcd419e-b96b-4707-8e0b-1e00cbae3a0c; Locale #c33d5c8c-f62f-475f-87aa-9ace534deca2; Localizable #fbbf17e9-3f84-4ce3-8783-930261434b59; Login Name #6d3ed886-4d09-4b8c-997a-63dc43a6081d; E-mail Alias #1b364ece-d609-461f-a365-9b3ebfb6ba16; Management Policy Rule #f8d3457a-ce54-4dc4-8e5a-4e8cd61dfd4d; Manager #b64c4c60-2601-43d4-8c70-2cf2c0c91ddf; Membership Add Workflow #fe182ad0-60c3-46ff-afb9-366b87811a25; Membership Locked #bc20a9a5-8c99-4edc-bcf3-1f7462ea8ead; Middle Name #a71e8335-0bc5-4739-9ba2-4474804161ab; Mobile Phone #bc2faf35-885b-41e0-84a6-48270a2a5465; Multivalued #83aeb95d-5793-47c5-97c8-967dec87ebc9; MV Resource ID #70e9424e-7700-42e1-8da3-fbe72357cc1c; Name #f059c901-a968-4df8-862d-6dc36997a8ab; Namespace #81901366-0723-4323-9717-5f1378b32cab; Navigation Page #4ccae28b-afd6-47a3-9057-e959c8e97c81; Navigation Url #8d8aa769-e6f1-4c7e-a588-0bb1e4e014c2; Resource SID #3d0beb9e-4971-421d-877a-a6d19a54fbbb; Resource Type #acbcad3b-8394-4af3-a1d4-149cabae05d1; Fax #ab23f0ab-3cd0-4651-b70f-0f7414e9e8d4; Office Location #078977c0-221e-4561-a5d7-56051538cbac; Office Phone #85522959-4d96-41be-a242-352ee89df15f; Operation #bac5c452-88fc-4ed7-8720-bb966a4fbcf4; Order #c34b34d6-ac91-4ef4-8ee7-04348dc2e604; Owner #369a2f34-bc55-43c9-a7b5-807f56295919; Parent Order #75d090b3-8f18-4bdf-a271-71e37a99e00a; Parent Request #a061a320-32d5-47bc-9090-86b1eeb9f353; Persistent Flow #52d0773e-10ac-4f15-8816-0b50bf5d5ec0; Photo #f35e21ba-f5f2-46b2-9d5a-2c6a116fcf5f; Postal Code #d351e488-2340-427d-953f-adfcd3d590e8; Precedence #344a872a-9b42-423d-a81b-5b235e8eff4c; Principal Set Relative To Resource #52e8f8e7-e41c-44bf-8444-43fddbd20b78; Principal Set #1200a345-8a3e-40da-b5a6-81aa940a87ba; Proxy Address Collection #abfdace8-656d-4fe3-8186-2ca0d030b908; Reason #0970cebd-4ae6-442b-8d56-af48e1bea4df; Region #a79cd603-1b7d-4858-882b-ef91bbbacfee; Register #9c9585a6-be53-43bb-ae4e-d818d6553e3a; Registration Required #40e84b9b-95f6-41c9-a6fd-cf8611785a5b; Relationship Criteria #cdde9675-2955-4ff6-9fb4-8721dc62548d; Request #bde47c24-a188-4993-9dec-93574b350070; Request Control #d7178e58-fea2-4134-ba66-dfd53b093167; Requestor #7bc62cde-0aa5-4d0d-85d0-2faa022d5d23; Request Parameters #98655fd1-bad1-4419-8a9c-64c52707b1fe; Request Phase #470829cc-8c2f-4b9b-aef0-2c349b1e5a15; Request Status #cb568ad7-d6e9-45d5-a926-16dfd25ea39f; Request Status Detail #1ab7df78-14a5-4825-85fa-18a59081bef0; Attribute Is Required #59464df8-3067-433e-bd4b-986f06af25e7; Reset Password #057c273a-acb2-4b1a-b53c-61e4410c4360; Resource Current Set #78683e65-a1bd-449b-b4ed-7f4615ee57c4; Resource Final Set #de1c9a81-2491-40a1-8eff-3699097c7305; Resource Parent #733e63fd-35bd-46d2-8c75-e01dbf91caa2; Resource Time #3f3ffab2-5ff8-4c56-9e72-59b68edf50f4; Retention Period in Days #b14c53e3-e237-473b-9d8a-4ad328f2df9d; Return Type #2357982b-e19a-4a8a-8cc6-ea3c2aba9972; Rules #43cb7150-4d0c-45f2-bd5d-df6fd3ba4e38; Run On Policy Update #ca25ece7-86be-4ee7-a49a-8a61cb6dc873; Scope #70aed207-2509-42b3-a641-b8f45cba2e60; Search Scope Filter #02f6d177-b018-4690-bff8-438102786588; Attribute #54936435-5deb-49e2-84f8-2084bd35d433; Attribute Searched #681af98b-6094-49dd-8536-2c07aebc9c4f; Resource Type #7325ebf2-0756-4b91-b2f3-c00e5e80b049; Redirecting URL #f2298403-f9f5-4aa1-adfb-68834f544f67; SID History #d93ede3d-d358-473e-a969-266898fa3b3a; Status Error #e1c7dfeb-0810-4f0c-8b18-19cf62ea4e0c; String Regular Expression #da9cadc0-298e-41d6-a3f1-08feaadc068e; String Resources #efe2e929-bcd8-42c5-93ce-87c1353c0a40; Supported Language Code #1c569f4d-c4d0-43b1-9196-60d726e16ecf; SyncConfig-attribute-inclusion #4c8f236a-41ba-4e0d-a29a-df2edf1aa221; SyncConfig-capabilities-mask #8978beb3-cb18-4365-8185-cddd397325e7; SyncConfig-category #7f76804d-6ebf-4ed0-ae8b-1c030a8ec16b; SyncConfig-component_mappings #2c7723cd-29f7-45f3-8e22-9318e018c3b9; SyncConfig-controller-configuration #0decbdef-c972-4c1b-b821-afb8e46566fe; SyncConfig-creation-time #b01622a5-3eaf-46b3-b7c5-cdf4e7930ee3; SyncConfig-dn-construction #ca575f94-8cc6-452d-b490-74f81533b5e8; SyncConfig-encrypted-attributes #81ac3c36-a420-48f9-850c-187c17da65e3; SyncConfig-export-attribute-flow #188be708-6840-485c-b468-3c93754505a6; SyncConfig-export-type #ea451f11-650d-4d73-9a06-a6a70e244b1c; SyncConfig-extension #36e9c5c6-84a5-41ad-95a2-173732918f75; SyncConfig-format-version #656e4f42-1d03-4fd9-8973-dfc4f10156ff; SyncConfig-id #706f39d2-7598-4964-8086-22776eced7bd; SyncConfig-import-attribute-flow #b6cfba10-d825-4d5d-94fe-af92dbff08fe; SyncConfig-internal-version #ce85f686-b800-47f2-9f6f-c13305517944; SyncConfig-join #6cf3c2a0-9f90-4e54-8923-49d2d2ffb0c1; SyncConfig-last-modification-time #eb20e892-fd28-4306-ae6c-ceac45611ba5; SyncConfig-ma-companyname #6ee14aa6-d4c2-4af3-857e-fac7728810c2; SyncConfig-ma-listname #001c59cd-e426-4ce7-875f-5a7e26a1aed1; SyncConfig-ma-partition-data #e59e0acb-25a1-4006-82c4-8c69d67db486; SyncConfig-ma-run-data #ac155ab8-28a2-4f8e-aaf0-0682a94fd606; SyncConfig-ma-ui-settings #53f2947b-2f32-4e00-9ea6-fc9c09397462; SyncConfig-mv-deletion #bef23af9-b4df-4ff8-8628-13681c329dc6; SyncConfig-password-change-history-size #75a38ec1-adf6-498b-aa21-4ecf788ea0f5; SyncConfig-password-sync #6c62e388-5161-455b-b905-362d1c4fef26; SyncConfig-password-sync-allowed #fef1d1cc-d997-4ca9-8ff1-f5b81eca9039; SyncConfig-private-configuration #07472122-a861-42be-b5ac-22067003b562; SyncConfig-projection #10d093f5-0337-4ae3-86a1-72ca24ee8e3b; SyncConfig-provisioning #3f9f47dc-b4bc-428b-a8ac-22b8629d384f; SyncConfig-provisioning-cleanup #07003f1e-c886-470c-a89d-155ad5b7b7fa; SyncConfig-provisioning-cleanup-type #dc2ebf57-e114-4cb6-bc5f-72928a2865c5; SyncConfig-provisioning-type #2084cf26-f622-4c65-b856-58ca5621f825; SyncConfig-refresh-schema #5124bbab-83fd-417c-b6b7-b4c73d2906a2; SyncConfig-schema #975b32a3-5df1-4cb5-aa7b-adbc74a44d19; SyncConfig-stay-disconnector #e62303be-7492-41e2-8986-8168fc24f9ad; SyncConfig-sub-type #b8138f34-8ef7-46ff-897b-ab3a582a93f4; SyncConfig-version #040cca97-cf68-4207-ac5c-9f3efa916929; Synchronization Rule Data #00f3e69d-7637-458f-aa0b-e3c94015780f; Synchronization Rule ID #884cca9d-b4d6-4340-9b8b-9d0508e8002f; Synchronization Rule Name #176a7d1b-7d8d-4b1f-82b6-53dddc3cf6a3; Synchronization Rule Parameters #4f49c6da-b99c-4c93-9006-94db9aeb717b; Synchronization Rule Status #bebd0391-44e1-4495-91dd-365eccd2074d; Synchronize ObjectTypeDescription #a065f6e4-0ec6-4e0f-b2d9-eaf1ed642866; Target #299c9743-5d6f-41af-ae9f-6e81e74f3c03; Target Resource Type #2049c8da-0846-4474-813b-77ff283c9d2d; Temporal #85d05a00-a41c-4dfd-b61a-005830f0b0bc; Time Zone #398697ac-82a7-49cc-b8bf-ac23c4a8816c; Time Zone Id #e895d04b-cb93-4a27-9820-b6a60ad9401b; Trusted Forest #6176b60e-efdc-45ee-a137-5ee0babba81a; Type #7aeecb19-6585-432d-abc0-f0080969224e; Type Name #e47a260b-efac-4397-aef6-759db9b396bc; Global Cache Duration #419d9e98-5272-4f2a-886d-bf457da7547c; Navigation Bar Resource Count Cache Duration #37de3ea3-3ba5-46bd-b879-5074a824d4d7; Per User Cache Duration #b22e417e-6a07-46d0-ad80-cc9c59901941; Usage Keyword #1e289af5-4ac0-4ce7-a85f-331b70963ad0; User ID #2cf9a894-ca91-44d6-8d41-8160d3702638; Workflow Definition #02360372-c9d6-4d3c-936b-b898074d7942; Workflow Instance #67c8c936-c947-4f2a-b3c3-e2c3b5c0666b; Workflow Status #43c3b080-c51c-432a-bcc5-531b3b2d8828; Workflow Status Detail #e9b66b56-2cd8-4e16-80d6-f1bb0dcf5473; XOML #a2b426b9-a152-4dad-bddc-1008807949f7; userAccountControl #5d7b3346-e1e5-456a-84d1-5276be3988cf; DEEWR-claimTypeID #75afd0ab-00ce-4c80-9f3f-ec8a89c7f2fe; DEEWR-userID #5666112b-b26c-4caa-824c-3fda175857ad; DEEWR-applicationID #dbfc9056-e6c9-4133-a326-12f20bd43ed1; DEEWR-claimValue #be87a02b-5d19-46fb-a908-207f0cd78099; DEEWR-claimValueType #323a1ea2-33cb-4f5d-b88c-88e4dc1247f1; DEEWR-userIDName #f37887ab-2f35-41e6-b321-866d73f58540; DEEWR-applicationName #5024ca14-c879-4480-93cc-56842afb4178; DEEWR-claimTypeName #2399ab42-e7c1-4bfe-9cb5-1225f32b411f; DEEWR-esg-generalRoleID #daa40246-c050-4510-94cf-ce6d64154b9a; DEEWR-esg-contractID #c44b8155-0f32-4969-890d-898d0406c75c; DEEWR-esg-siteID #60f99071-8e76-4ba0-b3cf-22279713b3a9; DEEWR-uid #6d6b0579-0cc0-431b-bef1-78fe65ec65e3; DEEWR-esg-reportingRoleID #86f14860-ff46-4e87-b3ab-09285d98b34d; DEEWR-esg-orgID #0a0cd30a-0e8b-4375-9330-37c4d57c8912; DEEWR-esg-organisationID #464398f4-1a09-42bb-8ec4-9a0a23e51da5; DEEWR-esg-roleType #310946b5-a5eb-4da8-b06d-5c932bc1e87e; DEEWR-esg-roleID #0c6e3e00-ce1f-4bf8-9a8c-4f469613cd7d; DEEWR-DeptID #c6c1a889-6a95-4e12-8d09-113897373443; Claim ID Name #75758dc9-fbcf-49be-b92e-c046b7c93787; DEEWR-roleID #5a4580d2-0345-4ba9-a44a-a13595cd628a; DEEWR-codeWord #cad28a50-54c5-444c-baf2-575a979eb5b3; lastLogon #3c5849a4-cd22-446a-b3de-d298a806d9a5; DEEWR-subKeyID #4e64a45b-077b-406b-a83f-604b21339a19; DEEWR-subKeyName #90086975-850a-4828-b184-51534c316516; info #26b0e0a6-79dc-41a7-a9d9-0f6c93ee5c5e; DEEWR-esg-inviter #da49e464-058e-4f9c-83be-92aacda544ed; DEEWR-esg-invitee #5ede338e-42df-45c7-b1c8-6c45d6fffc1c; DEEWR-esg-isAccepted #40e713a2-ed45-4a4a-8302-f89ee3021bbb; DEEWR-esg-orgUserID #487736d6-ac1c-4149-a998-87de1d5dc158; DEEWR-esg-siteUserID #11a47f9b-a3b2-4a89-a56f-9d1f26ab3dba; whenCreated #1b1a89ba-ed86-4a80-ba94-3cbebfc62f10; DEEWR-esg-targetID #b10d8ede-afd1-4418-bf65-7c9c0ca0c934; DEEWR-assignedRoleID #32a1e758-531d-4539-8027-a07fdb37c629; DEEWR-appID #0687f860-8700-4093-b340-7bad6839d1c7; unicodePwd #804628c3-29b2-4ad3-8d73-ef0a4fc8b897; lockoutTime #df514c5a-5654-4975-a226-f5e5b32e322a; DEEWR-selfServicePassword #d527ad5d-0d0e-4850-a9d1-30cee95024a3; DEEWR-esg-securityReports #f90071fb-a219-4f72-b961-11f8646b47c3; IsActive #e78d5c95-47cf-414b-83dd-5e516425ea41; DEEWR-claimValueID #8ddd758d-c476-41bc-abd7-88539ba79d06; Claims #532a853a-7d73-4265-890c-9b649f1aa9ac; Sites #65b9d720-d37f-42c4-84bf-b1a7a5600ad1; Last run time #41b1cbad-c59f-468d-b4f4-d0fd3de74cb7; Active target filter #adf6c7ee-7843-48b4-99a2-26c94ddcc8b9; Inactive target filter #c9bdfa77-5ce2-4bb3-893e-b096eee1510b
AllowedMembershipReferences All Groups and Sets #5957ff7e-291f-4082-90a7-27331bbc53f7
CreatedTime 25/10/2010 14:39:22
DisplayName Administrator Filter Permission
ObjectType FilterScope
2. Non-Administrator Filter Permission ^Top
ObjectID Non-Administrator Filter Permission
AllowedAttributes Resource ID #703c5735-0d86-44a5-82c3-75550498e600; Account Name #3e04bbbf-014f-413c-8d07-6276cd383be8; City #0c89fc1b-0277-40b9-a3e6-9fefc6ca941e; Computed Member #a6962149-c8db-47d8-ad4e-780d94c10795; Cost Center #c7b905ba-bc2b-4e67-9759-88e58d5f5d57; Cost Center Name #44c2ba14-9106-43f1-ac9e-b860d0769df3; Country/Region #c3a508ca-2f87-4b62-a130-1e080f1828a2; Department #5399a6e8-ec8e-476a-8267-efeb502267f6; Description #c66a012e-72af-46c3-b95b-c2779c6bcd3f; Display Name #7dcc83b6-8be7-4717-a1ac-62b0b1b7ce29; Domain #da0212dc-9f78-483f-a318-5ac275175530; E-mail #ba33a27e-a0f1-49dd-8652-9f648b168f6e; First Name #58650157-dd41-4507-8c5b-fc412ed09587; Job Title #2b57ca23-0967-45aa-a2a8-d1707aa00a12; Last Name #843df943-b828-49fd-88da-c4ad8567147c; E-mail Alias #1b364ece-d609-461f-a365-9b3ebfb6ba16; Manager #b64c4c60-2601-43d4-8c70-2cf2c0c91ddf; Middle Name #a71e8335-0bc5-4739-9ba2-4474804161ab; Mobile Phone #bc2faf35-885b-41e0-84a6-48270a2a5465; Name #f059c901-a968-4df8-862d-6dc36997a8ab; Resource Type #acbcad3b-8394-4af3-a1d4-149cabae05d1; Fax #ab23f0ab-3cd0-4651-b70f-0f7414e9e8d4; Office Location #078977c0-221e-4561-a5d7-56051538cbac; Office Phone #85522959-4d96-41be-a242-352ee89df15f; User ID #2cf9a894-ca91-44d6-8d41-8160d3702638; userAccountControl #5d7b3346-e1e5-456a-84d1-5276be3988cf; DEEWR-claimTypeID #75afd0ab-00ce-4c80-9f3f-ec8a89c7f2fe; DEEWR-userID #5666112b-b26c-4caa-824c-3fda175857ad; DEEWR-applicationID #dbfc9056-e6c9-4133-a326-12f20bd43ed1; DEEWR-claimValue #be87a02b-5d19-46fb-a908-207f0cd78099; DEEWR-claimValueType #323a1ea2-33cb-4f5d-b88c-88e4dc1247f1; DEEWR-userIDName #f37887ab-2f35-41e6-b321-866d73f58540; DEEWR-applicationName #5024ca14-c879-4480-93cc-56842afb4178; DEEWR-claimTypeName #2399ab42-e7c1-4bfe-9cb5-1225f32b411f; DEEWR-esg-generalRoleID #daa40246-c050-4510-94cf-ce6d64154b9a; DEEWR-esg-contractID #c44b8155-0f32-4969-890d-898d0406c75c; DEEWR-esg-siteID #60f99071-8e76-4ba0-b3cf-22279713b3a9; DEEWR-uid #6d6b0579-0cc0-431b-bef1-78fe65ec65e3; DEEWR-esg-reportingRoleID #86f14860-ff46-4e87-b3ab-09285d98b34d; DEEWR-esg-orgID #0a0cd30a-0e8b-4375-9330-37c4d57c8912; DEEWR-esg-organisationID #464398f4-1a09-42bb-8ec4-9a0a23e51da5; DEEWR-esg-roleType #310946b5-a5eb-4da8-b06d-5c932bc1e87e; DEEWR-esg-roleID #0c6e3e00-ce1f-4bf8-9a8c-4f469613cd7d; DEEWR-ownerID #b533b073-17da-492d-bdee-f5ce9dfc9be5; DEEWR-DeptID #c6c1a889-6a95-4e12-8d09-113897373443; DEEWR-roleID #5a4580d2-0345-4ba9-a44a-a13595cd628a; DEEWR-codeWord #cad28a50-54c5-444c-baf2-575a979eb5b3; lastLogon #3c5849a4-cd22-446a-b3de-d298a806d9a5; DEEWR-subKeyID #4e64a45b-077b-406b-a83f-604b21339a19; DEEWR-subKeyName #90086975-850a-4828-b184-51534c316516; DEEWR-esg-baseRoleID #a7cd4b49-63b0-4fb3-92af-37f7f26cfbd4; info #26b0e0a6-79dc-41a7-a9d9-0f6c93ee5c5e; DEEWR-esg-inviter #da49e464-058e-4f9c-83be-92aacda544ed; DEEWR-esg-invitee #5ede338e-42df-45c7-b1c8-6c45d6fffc1c; DEEWR-esg-isAccepted #40e713a2-ed45-4a4a-8302-f89ee3021bbb; DEEWR-esg-orgUserID #487736d6-ac1c-4149-a998-87de1d5dc158; DEEWR-esg-siteUserID #11a47f9b-a3b2-4a89-a56f-9d1f26ab3dba; friendlyNames #16e9ad1a-7456-40a9-96f3-9df61026b0e6; whenCreated #1b1a89ba-ed86-4a80-ba94-3cbebfc62f10; vasco-DirectAssignOnly #dcd8df02-ce87-4cac-8703-a2f2dd73277e; vasco-SerialNumber #cfee21f0-e70e-4054-95f8-a8836765b80d; vasco-TokenType #403966a9-23fe-4368-a165-b1d73cb6abc4; vasco-linkVascoUserToVascoDigipass #85777c51-8d26-4121-a019-26fe4d6b5045; VascoDigipassData #4b74e908-cab8-4178-a66d-968b3b0af6aa; DEEWR-esg-globalRoleTemplate #20a8fe13-2c78-4603-ad4c-215b3796b0dc; DEEWR-esg-ownerID #d09e2707-8092-4951-960d-f5f81de55711; DEEWR-esg-targetID #b10d8ede-afd1-4418-bf65-7c9c0ca0c934; DEEWR-assignedRoleID #32a1e758-531d-4539-8027-a07fdb37c629; DEEWR-appID #0687f860-8700-4093-b340-7bad6839d1c7; unicodePwd #804628c3-29b2-4ad3-8d73-ef0a4fc8b897; lockoutTime #df514c5a-5654-4975-a226-f5e5b32e322a; DEEWR-selfServicePassword #d527ad5d-0d0e-4850-a9d1-30cee95024a3; DEEWR-esg-securityReports #f90071fb-a219-4f72-b961-11f8646b47c3; IsActive #e78d5c95-47cf-414b-83dd-5e516425ea41; DEEWR-claimValueID #8ddd758d-c476-41bc-abd7-88539ba79d06; DEEWR-agsNumber #356c6bb6-6c12-4354-ac50-46e79aec6e56; DEEWR-dateOfBirth #9e6d65db-46f9-4355-8d59-7e0dc47a31c7
CreatedTime 25/10/2010 14:39:22
DisplayName Non-Administrator Filter Permission
ObjectType FilterScope
Resource Type: ManagementPolicyRule
1. Administration: Administrators control synchronization rule resources ^Top
ObjectID Administration: Administrators control synchronization rule resources
ActionParameter ConnectedObjectType; ConnectedSystem; ConnectedSystemScope; CreateConnectedSystemObject; CreateILMObject; Dependency; Description; DisconnectConnectedSystemObject; DisplayName; ExistenceTest; ExpirationTime; FlowType; ILMObjectType; ILMScoping; InitialFlow; ManagementAgentID; ObjectType; PersistentFlow; Precedence; RelationshipCriteria; SynchronizationRuleParameters
ActionType Add; Create; Delete; Modify; Remove
ActionWorkflowDefinition DEEWR - Event Broker Rule Changes #39cd9740-1721-440b-a8fa-be3d78edb92e
CreatedTime 25/10/2010 14:39:22
Description Administration: Administrators control synchronization rule resources
Disabled False
DisplayName Administration: Administrators control synchronization rule resources
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Administrators
ResourceCurrentSet All Synchronization Rule Resources
ResourceFinalSet All Synchronization Rule Resources
ManagementPolicyRuleType Request
2. DEEWR-Accepted invitations are applied to user entitlements ^Top
ObjectID DEEWR-Accepted invitations are applied to user entitlements
ActionParameter DEEWR-esg-isAccepted
ActionType Modify
ActionWorkflowDefinition DEEWR-Apply invitation to entitlements #ce284ddd-4fbe-43af-a142-26b4d7dc93db
CreatedTime 16/05/2011 8:51:34
Disabled True
DisplayName DEEWR-Accepted invitations are applied to user entitlements
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR IAM SD3 and OSC users
ResourceCurrentSet All DEEWR-esg-invitations
ResourceFinalSet All DEEWR-esg-invitations accepted
ManagementPolicyRuleType Request
3. DEEWR-Accepted invitations are applied to user entitlements by invitees ^Top
ObjectID DEEWR-Accepted invitations are applied to user entitlements by invitees
ActionParameter *
ActionType Modify
ActionWorkflowDefinition DEEWR-Apply invitation to entitlements #ce284ddd-4fbe-43af-a142-26b4d7dc93db
CreatedTime 24/08/2011 7:20:07
Disabled False
DisplayName DEEWR-Accepted invitations are applied to user entitlements by invitees
GrantRight False
ObjectType ManagementPolicyRule
PrincipalRelativeToResource DEEWR-userID
ResourceCurrentSet All DEEWR-esg-invitations
ResourceFinalSet All DEEWR-esg-invitations
ManagementPolicyRuleType Request
4. DEEWR-ADMIN ROLE claims are linked to a user ^Top
ObjectID DEEWR-ADMIN ROLE claims are linked to a user
ActionParameter *
ActionType Add; Create; Modify; Remove
ActionWorkflowDefinition DEEWR-Update ADMIN ROLE claims for a user #acde0c09-fd29-4515-9676-470f90bc0555
CreatedTime 25/07/2011 7:50:38
Description ADMIN ROLE claims are linked to a user
Disabled False
DisplayName DEEWR-ADMIN ROLE claims are linked to a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Admin Role Claims
ResourceFinalSet All DEEWR Admin Role Claims
ManagementPolicyRuleType Request
5. DEEWR-All claims with missing references are deleted ^Top
ObjectID DEEWR-All claims with missing references are deleted
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Delete Object by ID #3f9d8e00-1c17-41ba-8c85-a08887e2d7ad
CreatedTime 24/06/2011 2:58:45
Description All claims with missing references (which are therefore invalid) are deleted
Disabled False
DisplayName DEEWR-All claims with missing references are deleted
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet All DEEWR invalid claims to be deleted
ManagementPolicyRuleType SetTransition
6. DEEWR-Claims are updated with referenced display names ^Top
ObjectID DEEWR-Claims are updated with referenced display names
ActionParameter DEEWR-applicationID; DEEWR-claimTypeID; DEEWR-claimValueID; DEEWR-subKeyID; DEEWR-userID; ObjectID
ActionType Add; Create; Modify; Remove
ActionWorkflowDefinition DEEWR-Set claim sync values #986d5c5b-2be2-4983-b456-cc8e5301ede3
CreatedTime 19/04/2011 5:56:14
Description Claims need to store the display names of each referenced object to sync with SQL
Disabled False
DisplayName DEEWR-Claims are updated with referenced display names
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Claims
ResourceFinalSet All DEEWR-esg-claims with valid references
ManagementPolicyRuleType Request
7. DEEWR-Claims for IAMOSC ADMIN ROLES are created or updated for a user ^Top
ObjectID DEEWR-Claims for IAMOSC ADMIN ROLES are created or updated for a user
ActionParameter DEEWR-esg-organisationID; DEEWR-roleID
ActionType Add; Create; Remove
ActionWorkflowDefinition DEEWR-Create or update user IAMOSC ADMIN ROLE claims #33d89e12-3c96-4d23-8a61-838f1c769f23
CreatedTime 17/08/2011 7:49:48
Disabled False
DisplayName DEEWR-Claims for IAMOSC ADMIN ROLES are created or updated for a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Users
ResourceFinalSet All DEEWR Users with migrated IAMOSC ADMIN ROLE claims
ManagementPolicyRuleType Request
8. DEEWR-Claims for IAMSSC ADMIN ROLES are created or updated for a user ^Top
ObjectID DEEWR-Claims for IAMSSC ADMIN ROLES are created or updated for a user
ActionParameter DEEWR-roleID; DEEWR-siteID
ActionType Add; Create; Remove
ActionWorkflowDefinition DEEWR-Create or update user IAMSSC ADMIN ROLE claims #4c7cd9f0-9e4e-4151-9dd9-b5822807c4c8
CreatedTime 1/06/2011 2:06:58
Description Generate claims data for migrated IAMSSC ADMIN ROLE assignments to people
Disabled False
DisplayName DEEWR-Claims for IAMSSC ADMIN ROLES are created or updated for a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Users
ResourceFinalSet All DEEWR Users with migrated IAMSSC ADMIN ROLE claims
ManagementPolicyRuleType Request
9. DEEWR-Claims for ORGS are removed for a user ^Top
ObjectID DEEWR-Claims for ORGS are removed for a user
ActionParameter DEEWR-appID; DEEWR-esg-organisationID
ActionType Remove
ActionWorkflowDefinition DEEWR-Delete user ESG ORG claims #c09aefc9-f530-4862-89f9-fa1e841e1709
CreatedTime 28/06/2011 8:00:06
Description Claims for ORGS are removed for a user
Disabled True
DisplayName DEEWR-Claims for ORGS are removed for a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Users
ResourceFinalSet All DEEWR Users
ManagementPolicyRuleType Request
10. DEEWR-Claims for OTHER ADMIN ROLES are created or updated for a user ^Top
ObjectID DEEWR-Claims for OTHER ADMIN ROLES are created or updated for a user
ActionParameter DEEWR-roleID
ActionType Add; Create; Remove
ActionWorkflowDefinition DEEWR-Create or update user OTHER ADMIN ROLE claims #a2ec5017-9329-4e54-9516-6f368a60128b
CreatedTime 17/08/2011 7:51:45
Disabled False
DisplayName DEEWR-Claims for OTHER ADMIN ROLES are created or updated for a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Users
ResourceFinalSet All DEEWR Users with migrated OTHER ADMIN ROLE claims
ManagementPolicyRuleType Request
11. DEEWR-Claims for ROLES are removed for a user ^Top
ObjectID DEEWR-Claims for ROLES are removed for a user
ActionParameter DEEWR-appID; DEEWR-esg-roleID
ActionType Remove
ActionWorkflowDefinition DEEWR-Delete user ESG ROLE claims #79f735e5-b5fe-4427-9e76-5749880b7300
CreatedTime 28/06/2011 8:37:39
Description Claims for ROLES are removed for a user
Disabled True
DisplayName DEEWR-Claims for ROLES are removed for a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Users
ResourceFinalSet All DEEWR Users
ManagementPolicyRuleType Request
12. DEEWR-Claims for SITES are removed for a user ^Top
ObjectID DEEWR-Claims for SITES are removed for a user
ActionParameter DEEWR-appID; DEEWR-esg-siteID
ActionType Remove
ActionWorkflowDefinition DEEWR-Delete user ESG SITE claims #1bb1f7ef-792e-40a8-b2db-a0f760d02ccc
CreatedTime 28/06/2011 8:33:31
Description Claims for SITES are removed for a user
Disabled True
DisplayName DEEWR-Claims for SITES are removed for a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Users
ResourceFinalSet All DEEWR Users
ManagementPolicyRuleType Request
13. DEEWR-Claims which are invalid for a given ORG and APPLICATION are deleted for a user ^Top
ObjectID DEEWR-Claims which are invalid for a given ORG and APPLICATION are deleted for a user
ActionParameter DEEWR-esg-organisationID
ActionType Add
ActionWorkflowDefinition DEEWR-Delete invalid user claims for Org and Application #5f4a7efa-81b9-42c6-88b9-901fa0ce8905
CreatedTime 6/05/2011 16:36:15
Description Claims for ORGS, SITES, CONTRACTS and ROLES are deleted for a user where there is no longer a match on ORG and APPLICATION
Disabled True
DisplayName DEEWR-Claims which are invalid for a given ORG and APPLICATION are deleted for a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR Claim administrators
ResourceCurrentSet ALL DEEWR Users with valid ORG claims
ResourceFinalSet All DEEWR Users
ManagementPolicyRuleType Request
14. DEEWR-FIM workflow changes to claims trigger Event Broker ^Top
ObjectID DEEWR-FIM workflow changes to claims trigger Event Broker
ActionParameter *
ActionType Add; Create; Delete; Modify; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 12/08/2011 4:32:44
Description FIM workflow changes to claims trigger Event Broker
Disabled False
DisplayName DEEWR-FIM workflow changes to claims trigger Event Broker
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet DEEWR-Forefront Identity Manager Service Account
ResourceCurrentSet All DEEWR Claims
ResourceFinalSet All DEEWR Claims
ManagementPolicyRuleType Request
15. DEEWR-FIM workflow changes to users trigger Event Broker ^Top
ObjectID DEEWR-FIM workflow changes to users trigger Event Broker
ActionParameter *
ActionType Add; Create; Delete; Modify; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 7/07/2011 9:35:33
Description FIM workflow changes to users trigger Event Broker
Disabled False
DisplayName DEEWR-FIM workflow changes to users trigger Event Broker
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet DEEWR-Forefront Identity Manager Service Account
ResourceCurrentSet All DEEWR Users
ResourceFinalSet All DEEWR Users
ManagementPolicyRuleType Request
16. DEEWR-Initial password is cleared after user is first provisioned to AD ^Top
ObjectID DEEWR-Initial password is cleared after user is first provisioned to AD
ActionParameter DetectedRulesList
ActionType Add
ActionWorkflowDefinition DEEWR-Clean up after user account is provisioned #5b6fb483-0b6e-45a0-8b28-52630b8397ff
CreatedTime 7/07/2011 2:58:03
Description Initial password is cleared after user is first provisioned to AD
Disabled False
DisplayName DEEWR-Initial password is cleared after user is first provisioned to AD
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR Users
ResourceFinalSet All DEEWR users with provisioning DREs
ManagementPolicyRuleType Request
17. DEEWR-Invalid esg roles for sites are removed ^Top
ObjectID DEEWR-Invalid esg roles for sites are removed
ActionParameter DEEWR-esg-siteID
ActionType Add; Remove
ActionWorkflowDefinition DEEWR-Remove invalid esg roles for user sites #acf166bc-f10d-4eef-a333-92d6813fcc62
CreatedTime 11/05/2011 1:32:27
Description Invalid esg roles for sites are removed
Disabled True
DisplayName DEEWR-Invalid esg roles for sites are removed
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR Claim administrators
ResourceCurrentSet All People
ResourceFinalSet All People
ManagementPolicyRuleType Request
18. DEEWR-Invalid esg sites and roles for org are removed ^Top
ObjectID DEEWR-Invalid esg sites and roles for org are removed
ActionParameter DEEWR-esg-organisationID
ActionType Add; Remove
ActionWorkflowDefinition DEEWR-Remove invalid esg sites and roles for user orgs #72cef2cf-fe92-4d4e-95d4-4bd8dcc64486
CreatedTime 6/05/2011 4:45:31
Description Site and role selections for a user are removed if they no longer match the selected org
Disabled True
DisplayName DEEWR-Invalid esg sites and roles for org are removed
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR Claim administrators
ResourceCurrentSet All People
ResourceFinalSet All People
ManagementPolicyRuleType Request
19. DEEWR-Invitations where invitee cannot be resolved are deleted ^Top
ObjectID DEEWR-Invitations where invitee cannot be resolved are deleted
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Delete invitation where invitee not resolved #c11ff7fd-eb88-428f-af29-b394e7dbed29
CreatedTime 13/05/2011 6:33:22
Description All DEEWR invitations where invitee cannot be resolved are deleted
Disabled False
DisplayName DEEWR-Invitations where invitee cannot be resolved are deleted
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet DEEWR-All invitations that failed to resolve
ManagementPolicyRuleType SetTransition
20. DEEWR-Invitees are resolved for new invitations ^Top
ObjectID DEEWR-Invitees are resolved for new invitations
ActionParameter DEEWR-esg-invitee
ActionType Create; Modify
ActionWorkflowDefinition DEEWR-Resolve org invitee #9016d360-df9d-4c76-989a-a0d7b80a6db4
CreatedTime 13/05/2011 5:46:00
Description Resolve the user ID for a new invitation
Disabled False
DisplayName DEEWR-Invitees are resolved for new invitations
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR IAM SD3 and OSC users
ResourceCurrentSet DEEWR-All unresolved invitations
ResourceFinalSet All DEEWR-esg-invitations
ManagementPolicyRuleType Request
21. DEEWR-Migrated Claims for ORGS are created or updated for a user ^Top
ObjectID DEEWR-Migrated Claims for ORGS are created or updated for a user
ActionParameter DEEWR-appID; DEEWR-esg-organisationID
ActionType Add; Create; Remove
ActionWorkflowDefinition DEEWR-Create or update user ESG ORG claims #0365f91d-bab2-446c-9eb1-326f5e333f77
CreatedTime 21/04/2011 2:22:24
Description Generate claims data for migrated ORG assignments to people
Disabled False
DisplayName DEEWR-Migrated Claims for ORGS are created or updated for a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR Users
ResourceFinalSet ALL DEEWR Users with valid ORG claims
ManagementPolicyRuleType Request
22. DEEWR-Migrated Claims for ROLES are created or updated for a user ^Top
ObjectID DEEWR-Migrated Claims for ROLES are created or updated for a user
ActionParameter DEEWR-appID; DEEWR-esg-roleID
ActionType Add; Create; Remove
ActionWorkflowDefinition DEEWR-Create or update user ESG ROLE claims #e6e3b10d-8f08-4290-86a4-64b10803a4a9
CreatedTime 20/04/2011 3:35:10
Description Generate claims data for migrated ROLE assignments to people
Disabled False
DisplayName DEEWR-Migrated Claims for ROLES are created or updated for a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR Users
ResourceFinalSet ALL DEEWR Users with valid ROLE claims
ManagementPolicyRuleType Request
23. DEEWR-Migrated Claims for SITES are created or updated for a user ^Top
ObjectID DEEWR-Migrated Claims for SITES are created or updated for a user
ActionParameter DEEWR-appID; DEEWR-esg-siteID
ActionType Add; Create; Remove
ActionWorkflowDefinition DEEWR-Create or update user ESG SITE claims #fc4517e2-ae4f-4c53-8085-6a8cf0d50e1f
CreatedTime 21/04/2011 5:01:00
Description Generate and maintain claims data for migrated SITE assignments to people
Disabled False
DisplayName DEEWR-Migrated Claims for SITES are created or updated for a user
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR Users
ResourceFinalSet All DEEWR Users with valid SITE claims
ManagementPolicyRuleType Request
24. DEEWR-Notify new invitations ^Top
ObjectID DEEWR-Notify new invitations
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Notify invitee resolved OK #ca9ecebb-32ae-4f30-bcf7-d617f31ce227
CreatedTime 17/05/2011 7:48:07
Description WIP - need to work out where to direct these, but for now just use inviter
Disabled False
DisplayName DEEWR-Notify new invitations
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet DEEWR-Invitations with resolved invitees
ManagementPolicyRuleType SetTransition
25. DEEWR-Org admins are recalculated for a ad-hoc user set ^Top
ObjectID DEEWR-Org admins are recalculated for a ad-hoc user set
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Reset OSCs for a user #75335c6c-7aef-4efd-8f44-50e935afd2fe; DEEWR-Reset SSCs for a user #dfe67296-e37f-45d2-b4df-99c6fdf8087b
CreatedTime 25/08/2011 7:51:45
Description Org admins are recalculated for a ad-hoc user set
Disabled True
DisplayName DEEWR-Org admins are recalculated for a ad-hoc user set
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet All DEEWR users for ad hoc validation
ManagementPolicyRuleType SetTransition
26. DEEWR-Org admins are recalculated for a user ^Top
ObjectID DEEWR-Org admins are recalculated for a user
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Reset OSCs for a user #75335c6c-7aef-4efd-8f44-50e935afd2fe
CreatedTime 24/08/2011 3:32:05
Description Org admins are recalculated for a user
Disabled True
DisplayName DEEWR-Org admins are recalculated for a user
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet All DEEWR users for admin validation
ManagementPolicyRuleType SetTransition
27. DEEWR-Org users are have matching OSC IDs recalculated ^Top
ObjectID DEEWR-Org users are have matching OSC IDs recalculated
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Reset OSCs for a user #75335c6c-7aef-4efd-8f44-50e935afd2fe
CreatedTime 22/08/2011 3:52:08
Description Housekeeping process for OSCs
Disabled False
DisplayName DEEWR-Org users are have matching OSC IDs recalculated
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet All DEEWR users with invalid ORG Admins
ManagementPolicyRuleType SetTransition
28. DEEWR-Org users are updated with the matching OSC IDs ^Top
ObjectID DEEWR-Org users are updated with the matching OSC IDs
ActionParameter DEEWR-claimValueID
ActionType Add; Create; Remove
ActionWorkflowDefinition DEEWR-Set OSCs for a user ORG claim #ac4a6566-a333-4118-9d28-3367788526a0
CreatedTime 17/05/2011 8:10:09
Description ORG users are updated with the matching OSC IDs
Disabled False
DisplayName DEEWR-Org users are updated with the matching OSC IDs
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Org Claims
ResourceFinalSet All DEEWR Org Claims
ManagementPolicyRuleType Request
29. DEEWR-Outbound policy for Claims to SQL ^Top
ObjectID DEEWR-Outbound policy for Claims to SQL
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Outbound workflow for Claims to SQL #92d08166-d402-4690-9af5-2946b5bf6392
CreatedTime 19/04/2011 2:06:02
Description Claims are provisioned to SQL
Disabled False
DisplayName DEEWR-Outbound policy for Claims to SQL
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet DEEWR-All valid claims
ManagementPolicyRuleType SetTransition
30. DEEWR-Outbound Policy for Users to AD ^Top
ObjectID DEEWR-Outbound Policy for Users to AD
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Outbound Workflow for Users to AD #a2994a65-af06-43c8-8895-39a33abe1edc
CreatedTime 9/06/2011 10:31:33
Description Outbound Policy for Users to AD
Disabled False
DisplayName DEEWR-Outbound Policy for Users to AD
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet All DEEWR Domain users for provisioning
ManagementPolicyRuleType SetTransition
31. DEEWR-Rejected invitations are deleted ^Top
ObjectID DEEWR-Rejected invitations are deleted
ActionParameter DEEWR-esg-isAccepted
ActionType Modify
ActionWorkflowDefinition DEEWR-Delete rejected invitation #2dcae92f-5a34-4ecd-ba1d-cc1071858cc0
CreatedTime 16/05/2011 12:51:58
Disabled False
DisplayName DEEWR-Rejected invitations are deleted
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR IAM SD3 and OSC users
ResourceCurrentSet All DEEWR-esg-invitations
ResourceFinalSet DEEWR-All rejected invitations
ManagementPolicyRuleType Request
32. DEEWR-Role claims are deleted when there is no claim value ^Top
ObjectID DEEWR-Role claims are deleted when there is no claim value
ActionParameter DEEWR-claimValueID
ActionType Create; Remove
ActionWorkflowDefinition DEEWR-Delete Object by ID #3f9d8e00-1c17-41ba-8c85-a08887e2d7ad
CreatedTime 1/08/2011 7:01:21
Description Role claims are deleted when there is no claim value
Disabled False
DisplayName DEEWR-Role claims are deleted when there is no claim value
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Role Claims
ResourceFinalSet All DEEWR role claims to be deleted
ManagementPolicyRuleType Request
33. DEEWR-Site admins are recalculated for a user ^Top
ObjectID DEEWR-Site admins are recalculated for a user
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Reset SSCs for a user #dfe67296-e37f-45d2-b4df-99c6fdf8087b
CreatedTime 24/08/2011 7:52:40
Description Site admins are recalculated for a user
Disabled True
DisplayName DEEWR-Site admins are recalculated for a user
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet All DEEWR users for admin validation
ManagementPolicyRuleType SetTransition
34. DEEWR-Site users are have matching SSC IDs recalculated ^Top
ObjectID DEEWR-Site users are have matching SSC IDs recalculated
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Reset SSCs for a user #dfe67296-e37f-45d2-b4df-99c6fdf8087b
CreatedTime 22/08/2011 3:48:31
Description DEEWR housekeeping process for SSCs
Disabled False
DisplayName DEEWR-Site users are have matching SSC IDs recalculated
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet All DEEWR users with invalid SITE Admins
ManagementPolicyRuleType SetTransition
35. DEEWR-Site users are updated with the matching SSC IDs ^Top
ObjectID DEEWR-Site users are updated with the matching SSC IDs
ActionParameter DEEWR-claimValueID
ActionType Add; Create; Remove
ActionWorkflowDefinition DEEWR-Set SSCs for a user SITE claim #e8155867-3040-455d-9bb4-561c503bafa4
CreatedTime 17/05/2011 9:28:55
Description SITE users are updated with the matching SSC IDs
Disabled False
DisplayName DEEWR-Site users are updated with the matching SSC IDs
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR Site Claims
ResourceFinalSet All DEEWR Site Claims
ManagementPolicyRuleType Request
36. DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-contracts ^Top
ObjectID DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-contracts
ActionParameter *
ActionType Add; Create; Delete; Modify; Read; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 23/02/2011 5:14:04
Description DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-contracts
Disabled False
DisplayName DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-contracts
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR-esg-contracts
ResourceFinalSet All DEEWR-esg-contracts
ManagementPolicyRuleType Request
37. DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-orgs ^Top
ObjectID DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-orgs
ActionParameter *
ActionType Add; Create; Delete; Modify; Read; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 23/02/2011 5:11:16
Description DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-orgs
Disabled False
DisplayName DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-orgs
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR-esg-orgs
ResourceFinalSet All DEEWR-esg-orgs
ManagementPolicyRuleType Request
38. DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-roles ^Top
ObjectID DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-roles
ActionParameter *
ActionType Add; Create; Delete; Modify; Read; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 11/04/2011 6:08:39
Description DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-roles
Disabled False
DisplayName DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-roles
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR-esg-roles
ResourceFinalSet All DEEWR-esg-roles
ManagementPolicyRuleType Request
39. DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-roleTemplates ^Top
ObjectID DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-roleTemplates
ActionParameter *
ActionType Add; Create; Delete; Modify; Read; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 6/05/2011 2:16:51
Description DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-roleTemplates
Disabled False
DisplayName DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-roleTemplates
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR-esg-roleTemplates
ResourceFinalSet All DEEWR-esg-roleTemplates
ManagementPolicyRuleType Request
40. DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-sites ^Top
ObjectID DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-sites
ActionParameter *
ActionType Add; Create; Delete; Modify; Read; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 23/02/2011 5:12:14
Description DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-sites
Disabled False
DisplayName DEEWR-Synchronisation: Synchronisation Engine can control DEEWR-esg-sites
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR-esg-sites
ResourceFinalSet All DEEWR-esg-sites
ManagementPolicyRuleType Request
41. DEEWR-Synchronisation: Synchronisation Engine can read and update Claims ^Top
ObjectID DEEWR-Synchronisation: Synchronisation Engine can read and update Claims
ActionParameter *
ActionType Add; Create; Delete; Modify; Read; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 9/03/2011 6:46:56
Description DEEWR-Synchronisation: Synchronisation Engine can read and update Claims
Disabled False
DisplayName DEEWR-Synchronisation: Synchronisation Engine can read and update Claims
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR Claims
ResourceFinalSet All DEEWR Claims
ManagementPolicyRuleType Request
42. DEEWR-Synchronization: Synchronization account controls users it synchronizes ^Top
ObjectID DEEWR-Synchronization: Synchronization account controls users it synchronizes
ActionParameter DEEWR-claimID; DEEWR-codeWord; DEEWR-DeptID; DEEWR-esg-contractID; DEEWR-esg-organisationID; DEEWR-esg-orgID; DEEWR-esg-roleID; DEEWR-esg-roleType; DEEWR-esg-securityReports; DEEWR-esg-siteID; DEEWR-friendlyNames; DEEWR-info; DEEWR-isActive; DEEWR-lastLogonDatetime; DEEWR-lockoutTime; DEEWR-roleID; DEEWR-selfServicePassword; DEEWR-siteID; DEEWR-uid; DEEWR-unicodePwd; DEEWR-userAccountControl; DEEWR-VascoDigipassData; DEEWR-vasco-linkVascoUserToVascoDigipass
ActionType Add; Create; Delete; Modify; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 18/05/2011 5:06:44
Description DEEWR-Synchronization: Synchronization account controls users it synchronizes
Disabled False
DisplayName DEEWR-Synchronization: Synchronization account controls users it synchronizes
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR Users
ResourceFinalSet All DEEWR Users
ManagementPolicyRuleType Request
43. DEEWR-Synchronization: Synchronization engine can read and update DEEWR-roles ^Top
ObjectID DEEWR-Synchronization: Synchronization engine can read and update DEEWR-roles
ActionParameter *
ActionType Add; Create; Delete; Modify; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 8/06/2011 23:20:21
Description Synchronization engine can read and update DEEWR-roles
Disabled False
DisplayName DEEWR-Synchronization: Synchronization engine can read and update DEEWR-roles
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All DEEWR-roles
ResourceFinalSet All DEEWR-roles
ManagementPolicyRuleType Request
44. DEEWR-Target MPRs for batch jobs falling due are activated ^Top
ObjectID DEEWR-Target MPRs for batch jobs falling due are activated
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-Activate batch job #8db94929-35ac-4cdb-895f-152d5df002a8
CreatedTime 23/08/2011 0:44:55
Description Target MPRs for batch jobs falling due are activated
Disabled False
DisplayName DEEWR-Target MPRs for batch jobs falling due are activated
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet All DEEWR Batch jobs for activation
ManagementPolicyRuleType SetTransition
45. DEEWR-User changes to claims trigger Event Broker ^Top
ObjectID DEEWR-User changes to claims trigger Event Broker
ActionParameter *
ActionType Add; Create; Delete; Modify; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 12/08/2011 4:21:15
Description User changes to claims trigger Event Broker
Disabled False
DisplayName DEEWR-User changes to claims trigger Event Broker
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR Users
ResourceCurrentSet All DEEWR Claims
ResourceFinalSet All DEEWR Claims
ManagementPolicyRuleType Request
46. DEEWR-User changes to role templates trigger Event Broker ^Top
ObjectID DEEWR-User changes to role templates trigger Event Broker
ActionParameter *
ActionType Add; Create; Delete; Modify; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 12/08/2011 4:24:15
Description User changes to role templates trigger Event Broker
Disabled False
DisplayName DEEWR-User changes to role templates trigger Event Broker
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR Users
ResourceCurrentSet All DEEWR-esg-role templates
ResourceFinalSet All DEEWR-esg-role templates
ManagementPolicyRuleType Request
47. DEEWR-User changes to users trigger Event Broker ^Top
ObjectID DEEWR-User changes to users trigger Event Broker
ActionParameter DEEWR-codeWord; DEEWR-dateOfBirth; DEEWR-DeptID; DEEWR-isActive; DEEWR-roleID; DEEWR-selfServicePassword; Description; DetectedRulesList; DisplayName; ExpectedRulesList; ObjectID; ResourceTime
ActionType Add; Create; Delete; Modify; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 25/02/2011 0:34:15
Description User changes to users trigger Event Broker
Disabled False
DisplayName DEEWR-User changes to users trigger Event Broker
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR Users
ResourceCurrentSet All People
ResourceFinalSet All People
ManagementPolicyRuleType Request
48. DEEWR-Users are set with default properties ^Top
ObjectID DEEWR-Users are set with default properties
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition DEEWR-New users are set with default properties #c5db1065-e3d8-425a-8f78-a2d5c034fa2c
CreatedTime 15/07/2011 2:30:02
Description Users are set with default properties
Disabled False
DisplayName DEEWR-Users are set with default properties
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet All DEEWR Users without valid APPs
ManagementPolicyRuleType SetTransition
49. DEEWR-Users are updated with a new OSC ^Top
ObjectID DEEWR-Users are updated with a new OSC
ActionParameter DEEWR-claimValueID
ActionType Add; Create
ActionWorkflowDefinition DEEWR-Add org admins for an OSC #5bc477ed-8113-49eb-b02b-89f81602a8f7
CreatedTime 18/05/2011 1:38:18
Description An OSC is added to each user which falls under the same org scope as the org(s) added for that OSC
Disabled False
DisplayName DEEWR-Users are updated with a new OSC
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR claims for IAMOSC
ResourceFinalSet All DEEWR claims for IAMOSC
ManagementPolicyRuleType Request
50. DEEWR-Users are updated with a new SSC ^Top
ObjectID DEEWR-Users are updated with a new SSC
ActionParameter DEEWR-claimValueID
ActionType Add; Create
ActionWorkflowDefinition DEEWR-Add site admins for an SSC #f86a82ff-1558-4497-96ff-d83b944cc146
CreatedTime 18/05/2011 1:18:09
Description An SSC is added to each user which falls under the same site scope as the site(s) added for that SSC
Disabled False
DisplayName DEEWR-Users are updated with a new SSC
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR claims for IAMSSC
ResourceFinalSet All DEEWR claims for IAMSSC
ManagementPolicyRuleType Request
51. DEEWR-Users are updated with a removed OSC ^Top
ObjectID DEEWR-Users are updated with a removed OSC
ActionParameter DEEWR-claimValueID
ActionType Remove
ActionWorkflowDefinition DEEWR-Remove org admins for an OSC and delete claim #805ee7b4-abf3-4aba-9c2e-fe4146a56bf5
CreatedTime 18/05/2011 1:43:27
Description An OSC is removed from each user which falls under the same org scope as the org(s) removed for that OSC
Disabled False
DisplayName DEEWR-Users are updated with a removed OSC
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR claims for IAMOSC
ResourceFinalSet All DEEWR claims for IAMOSC
ManagementPolicyRuleType Request
52. DEEWR-Users are updated with a removed SSC ^Top
ObjectID DEEWR-Users are updated with a removed SSC
ActionParameter DEEWR-claimValueID
ActionType Remove
ActionWorkflowDefinition DEEWR-Remove site admins for an SSC and delete claim #7e99df64-c7de-4be9-9023-6e58e0b2985b
CreatedTime 18/05/2011 1:25:04
Description An SSC is removed from each user which falls under the same site scope as the site(s) removed for that SSC
Disabled False
DisplayName DEEWR-Users are updated with a removed SSC
GrantRight False
ObjectType ManagementPolicyRule
PrincipalSet All DEEWR claim administrators and FIM services
ResourceCurrentSet All DEEWR claims for IAMSSC
ResourceFinalSet All DEEWR claims for IAMSSC
ManagementPolicyRuleType Request
53. Synchronization: Synchronization account can delete and update expected rule entry resources ^Top
ObjectID Synchronization: Synchronization account can delete and update expected rule entry resources
ActionParameter StatusError; SynchronizationRuleStatus
ActionType Delete; Modify
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 25/10/2010 14:39:22
Description Permission for the synchronization account to update selected attributes of the expected rule entry resources and permission to delete them
Disabled False
DisplayName Synchronization: Synchronization account can delete and update expected rule entry resources
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All expected rule resources
ResourceFinalSet All expected rule resources
ManagementPolicyRuleType Request
54. Synchronization: Synchronization account controls detected rule entry resources ^Top
ObjectID Synchronization: Synchronization account controls detected rule entry resources
ActionParameter Connector; Description; DisplayName; MVObjectID; ObjectType; ResourceParent; SynchronizationRuleID
ActionType Create; Delete; Modify
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 25/10/2010 14:39:22
Description Synchronization: Synchronization account controls detected rule entry resources
Disabled False
DisplayName Synchronization: Synchronization account controls detected rule entry resources
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All Detected Rule Resources
ResourceFinalSet All Detected Rule Resources
ManagementPolicyRuleType Request
55. Synchronization: Synchronization account controls synchronization configuration resources ^Top
ObjectID Synchronization: Synchronization account controls synchronization configuration resources
ActionParameter Description; DisplayName; ExpirationTime; MVObjectID; ObjectType; SyncConfig-attribute-inclusion; SyncConfig-capabilities-mask; SyncConfig-category; SyncConfig-component_mappings; SyncConfig-controller-configuration; SyncConfig-creation-time; SyncConfig-dn-construction; SyncConfig-encrypted-attributes; SyncConfig-export-attribute-flow; SyncConfig-export-type; SyncConfig-extension; SyncConfig-format-version; SyncConfig-id; SyncConfig-import-attribute-flow; SyncConfig-internal-version; SyncConfig-join; SyncConfig-last-modification-time; SyncConfig-ma-companyname; SyncConfig-ma-listname; SyncConfig-ma-partition-data; SyncConfig-ma-run-data; SyncConfig-ma-ui-settings; SyncConfig-mv-deletion; SyncConfig-password-change-history-size; SyncConfig-password-sync; SyncConfig-password-sync-allowed; SyncConfig-private-configuration; SyncConfig-projection; SyncConfig-provisioning; SyncConfig-provisioning-cleanup; SyncConfig-provisioning-cleanup-type; SyncConfig-provisioning-type; SyncConfig-refresh-schema; SyncConfig-schema; SyncConfig-stay-disconnector; SyncConfig-sub-type; SyncConfig-version
ActionType Add; Create; Delete; Modify; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 25/10/2010 14:39:22
Description Synchronization: Synchronization account controls synchronization configuration resources
Disabled False
DisplayName Synchronization: Synchronization account controls synchronization configuration resources
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All ma-data and mv-data Resources
ResourceFinalSet All ma-data and mv-data Resources
ManagementPolicyRuleType Request
56. Synchronization: Synchronization account controls users it synchronizes ^Top
ObjectID Synchronization: Synchronization account controls users it synchronizes
ActionParameter AccountName; AD_UserCannotChangePassword; Address; Assistant; AuthNLockoutRegistrationID; AuthNWFLockedOut; AuthNWFRegistered; City; Company; CostCenter; CostCenterName; Country; Department; Description; DetectedRulesList; DisplayName; Domain; DomainConfiguration; Email; EmployeeEndDate; EmployeeID; EmployeeStartDate; EmployeeType; ExpectedRulesList; ExpirationTime; FirstName; FreezeCount; FreezeLevel; IsRASEnabled; JobTitle; lastLogon; LastName; LastResetAttemptTime; LoginName; MailNickname; Manager; MiddleName; MobilePhone; MVObjectID; ObjectSID; ObjectType; OfficeFax; OfficeLocation; OfficePhone; Photo; PostalCode; ProxyAddressCollection; Register; RegistrationRequired; ResetPassword; SIDHistory; TimeZone; whenCreated
ActionType Add; Create; Delete; Modify; Remove
ActionWorkflowDefinition DEEWR - Event Broker Data Changes #3fb0199c-8ff5-4ed3-be42-563d396f1ab4
CreatedTime 25/10/2010 14:39:22
Description Synchronization: Synchronization account controls users it synchronizes
Disabled False
DisplayName Synchronization: Synchronization account controls users it synchronizes
GrantRight True
ObjectType ManagementPolicyRule
PrincipalSet Synchronization Engine
ResourceCurrentSet All People
ResourceFinalSet All People
ManagementPolicyRuleType Request
57. Temporal policy workflow: Impending group resource expiry notification ^Top
ObjectID Temporal policy workflow: Impending group resource expiry notification
ActionParameter *
ActionType TransitionIn
ActionWorkflowDefinition Group Expiration Notification Workflow #f726eab0-4845-4934-a7d8-6d4fdc924bc1
CreatedTime 25/10/2010 14:39:22
Description Temporal policy workflow: Impending group resource expiry notification
Disabled False
DisplayName Temporal policy workflow: Impending group resource expiry notification
GrantRight False
ObjectType ManagementPolicyRule
ResourceFinalSet Expiring Group Resources
ManagementPolicyRuleType SetTransition
Resource Type: Set
1. Administrators ^Top
ObjectID Administrators
CreatedTime 25/10/2010 14:39:22
DisplayName Administrators
ExplicitMember *** various ***
ObjectType Set
2. All Synchronization Rule Resources ^Top
ObjectID All Synchronization Rule Resources
CreatedTime 25/10/2010 14:39:22
DisplayName All Synchronization Rule Resources
Filter /SynchronizationRule
ObjectType Set
3. All DEEWR IAM SD3 and OSC users ^Top
ObjectID All DEEWR IAM SD3 and OSC users
CreatedTime 8/06/2011 7:49:13
Description All DEEWR IAM SD3 and OSC users
DisplayName All DEEWR IAM SD3 and OSC users
Filter /Person[DEEWR-claimID = /Set[ObjectID='88007797-cd20-4230-9007-b0c20539b496']/ComputedMember]
ObjectType Set
Temporal False
4. All DEEWR-esg-invitations ^Top
ObjectID All DEEWR-esg-invitations
CreatedTime 13/05/2011 4:18:00
Description All DEEWR ESG invitations for a person to join an org or site
DisplayName All DEEWR-esg-invitations
Filter /DEEWR-esg-invitation
ObjectType Set
Temporal False
5. All DEEWR-esg-invitations accepted ^Top
ObjectID All DEEWR-esg-invitations accepted
CreatedTime 16/05/2011 8:49:21
Description All DEEWR invitations marked as accepted and ready for applying to user entitlements
DisplayName All DEEWR-esg-invitations accepted
Filter /DEEWR-esg-invitation[(DEEWR-userID = /Set[ObjectID = '8887df8e-6e84-49f2-a794-f9e9802077e0']/ComputedMember) and (DEEWR-esg-isAccepted = True)]
ObjectType Set
Temporal False
6. All DEEWR claim administrators and FIM services ^Top
ObjectID All DEEWR claim administrators and FIM services
CreatedTime 12/05/2011 3:28:04
Description All DEEWR claim administrators and FIM services
DisplayName All DEEWR claim administrators and FIM services
Filter /*[(ObjectID = /Set[ObjectID = 'c36c52f5-7060-4e3f-bc3e-b9e568d82fec']/ComputedMember) or (ObjectID = 'fb89aefa-5ea1-47f1-8890-abe7797d6497') or (ObjectID = 'e05d1f1b-3d5e-4014-baa6-94dee7d68c89')]
ObjectType Set
Temporal False
7. All DEEWR Admin Role Claims ^Top
ObjectID All DEEWR Admin Role Claims
CreatedTime 25/07/2011 7:37:04
Description All Admin Role Claims
DisplayName All DEEWR Admin Role Claims
Filter /DEEWR-claim[DEEWR-claimTypeID = /Set[ObjectID='e9ac76ea-9037-4e10-8e49-18ad17572ad6']/ComputedMember]
ObjectType Set
Temporal False
8. All DEEWR invalid claims to be deleted ^Top
ObjectID All DEEWR invalid claims to be deleted
CreatedTime 28/06/2011 7:17:24
Description Claims that no longer have valid references and must be deleted (catch all)
DisplayName All DEEWR invalid claims to be deleted
Filter /DEEWR-claim[(DEEWR-applicationID != /Set[ObjectID = '31a3f39f-852e-4b3c-bd2e-1588b4b63d9f']/ComputedMember) or (DEEWR-subKeyID != /Set[ObjectID = '7c866fd3-cf65-46cf-a198-4ea2f84980ec']/ComputedMember) or not(DEEWR-claimTypeID = /Set[ObjectID = '7c866fd3-cf65-46cf-a198-4ea2f84980ec']/ComputedMember) or (DEEWR-userID != /Set[ObjectID = 'fa544715-53eb-496c-a8b5-765196829e67']/ComputedMember)]
ObjectType Set
Temporal False
9. All DEEWR Claims ^Top
ObjectID All DEEWR Claims
CreatedTime 9/03/2011 4:30:22
Description All Claims
DisplayName All DEEWR Claims
Filter /DEEWR-claim
ObjectType Set
Temporal False
10. All DEEWR-esg-claims with valid references ^Top
ObjectID All DEEWR-esg-claims with valid references
CreatedTime 19/04/2011 7:10:46
Description All claim objects with reference values set for each of claim type, application and user
DisplayName All DEEWR-esg-claims with valid references
Filter /DEEWR-claim[(ObjectID = /Set[ObjectID='6c9a0954-1d70-4b79-a6a1-817c1d109627']/ComputedMember) and (DEEWR-applicationID = /Set[ObjectID = '31a3f39f-852e-4b3c-bd2e-1588b4b63d9f']/ComputedMember) and (DEEWR-userID = /Set[ObjectID = '8887df8e-6e84-49f2-a794-f9e9802077e0']/ComputedMember) and (DEEWR-claimTypeID = /Set[ObjectID='8fb496ba-6630-4364-b5d3-6f7564f2a112']/ComputedMember) and (DEEWR-claimValueID = /Set[ObjectID='7c866fd3-cf65-46cf-a198-4ea2f84980ec']/ComputedMember)]
ObjectType Set
Temporal False
11. All DEEWR Users ^Top
ObjectID All DEEWR Users
CreatedTime 13/04/2011 5:55:03
Description All DEEWR Users
DisplayName All DEEWR Users
Filter /Person
ObjectType Set
Temporal False
12. All DEEWR Users with migrated IAMOSC ADMIN ROLE claims ^Top
ObjectID All DEEWR Users with migrated IAMOSC ADMIN ROLE claims
CreatedTime 17/08/2011 7:43:04
Description Users with migrated IAMOSC ADMIN ROLE claims
DisplayName All DEEWR Users with migrated IAMOSC ADMIN ROLE claims
Filter /Person[(DEEWR-roleID = 'a4542174-d09f-4a6d-811e-9ceaa620b9c6') and (DEEWR-esg-organisationID = /Set[ObjectID='083e3870-6045-401e-b8b5-5099590d2250']/ComputedMember)]
ObjectType Set
Temporal False
13. All DEEWR Users with migrated IAMSSC ADMIN ROLE claims ^Top
ObjectID All DEEWR Users with migrated IAMSSC ADMIN ROLE claims
CreatedTime 2/06/2011 5:00:56
Description Users with migrated IAMSSC ADMIN ROLE claims
DisplayName All DEEWR Users with migrated IAMSSC ADMIN ROLE claims
Filter /Person[(DEEWR-roleID = '8965fc59-34ec-44b4-be53-84f26190189d') and (not(DisplayName = '#Invalid#')) and (DEEWR-siteID = /Set[ObjectID='026efea3-5244-438e-97b0-0ac7a6136268']/ComputedMember)]
ObjectType Set
Temporal False
14. All DEEWR Users with migrated OTHER ADMIN ROLE claims ^Top
ObjectID All DEEWR Users with migrated OTHER ADMIN ROLE claims
CreatedTime 17/08/2011 7:47:15
Description Users with migrated non-IAMSSC/IAMOSC ADMIN ROLE claims
DisplayName All DEEWR Users with migrated OTHER ADMIN ROLE claims
Filter /Person[(DEEWR-roleID = 'c2715343-2762-4bcd-9ea6-e352b24dd27a') or (DEEWR-roleID = 'bb817524-e2e5-44b1-897d-0a78a7b2730e') or (DEEWR-roleID = '49874a55-8b80-4e5d-bed6-e18689563281') or (DEEWR-roleID = 'bfb405bd-7a21-442e-ab0e-164635841262') or (DEEWR-roleID = '55d79fdc-eb15-49d1-9238-ed072b3c0b8f') or (DEEWR-roleID = 'c0fa6d65-e7f6-49f8-9069-76df322b4880')]
ObjectType Set
Temporal False
15. All DEEWR Claim administrators ^Top
ObjectID All DEEWR Claim administrators
CreatedTime 20/04/2011 8:25:57
Description All DEEWR Claims administrators
DisplayName All DEEWR Claim administrators
Filter /*[ObjectID = /Set[ObjectID = 'b419d131-a7b2-4a88-b066-e2684900d644']/ComputedMember]
ObjectType Set
Temporal False
16. ALL DEEWR Users with valid ORG claims ^Top
ObjectID ALL DEEWR Users with valid ORG claims
CreatedTime 2/06/2011 5:15:27
Description Users eligible for ORG claims
DisplayName ALL DEEWR Users with valid ORG claims
Filter /Person[(ObjectID = /Set[ObjectID = 'bc6220f6-22fa-421a-af6a-ae238fbc99f7']/ComputedMember) and (not(DisplayName = '%Invalid%')) and (ObjectID = /Set[ObjectID = 'ef062b32-9108-41e2-ae04-1f785db302df']/ComputedMember)]
ObjectType Set
Temporal False
17. DEEWR-Forefront Identity Manager Service Account ^Top
ObjectID DEEWR-Forefront Identity Manager Service Account
CreatedTime 20/04/2011 7:56:42
Description Forefront Identity Manager Service Account resource
DisplayName DEEWR-Forefront Identity Manager Service Account
Filter /*[DisplayName = 'Forefront Identity Manager Service Account']
ObjectType Set
Temporal False
18. Synchronization Engine ^Top
ObjectID Synchronization Engine
CreatedTime 25/10/2010 14:39:22
DisplayName Synchronization Engine
ExplicitMember *** various ***
Filter /Person[ObjectID='FB89AEFA-5EA1-47F1-8890-ABE7797D6497']
ObjectType Set
19. All DEEWR users with provisioning DREs ^Top
ObjectID All DEEWR users with provisioning DREs
CreatedTime 4/08/2011 7:47:53
Description All users with provisioning DREs
DisplayName All DEEWR users with provisioning DREs
Filter /Person[DetectedRulesList = /Set[ObjectID='892b4ff6-a9d3-4c20-b4f5-16484ce089f3']/ComputedMember]
ObjectType Set
Temporal False
20. All People ^Top
ObjectID All People
CreatedTime 25/10/2010 14:39:22
DisplayName All People
Filter /Person
ObjectType Set
21. DEEWR-All invitations that failed to resolve ^Top
ObjectID DEEWR-All invitations that failed to resolve
CreatedTime 13/05/2011 6:29:19
Description Invitations that failed to be resolved to a valid user
DisplayName DEEWR-All invitations that failed to resolve
Filter /DEEWR-esg-invitation[(DEEWR-userID != /Set[ObjectID = '8887df8e-6e84-49f2-a794-f9e9802077e0']/ComputedMember) and (not(DEEWR-esg-isAccepted = True)) and (not(DEEWR-esg-isAccepted = False))]
ObjectType Set
Temporal False
22. DEEWR-All unresolved invitations ^Top
ObjectID DEEWR-All unresolved invitations
CreatedTime 13/05/2011 5:42:17
Description User invitations which can be resolved to a valid user
DisplayName DEEWR-All unresolved invitations
Filter /DEEWR-esg-invitation[(DEEWR-userID != /Set[ObjectID = '8887df8e-6e84-49f2-a794-f9e9802077e0']/ComputedMember) and (DEEWR-esg-isAccepted = False)]
ObjectType Set
Temporal False
23. ALL DEEWR Users with valid ROLE claims ^Top
ObjectID ALL DEEWR Users with valid ROLE claims
CreatedTime 2/06/2011 4:59:26
Description Users eligible for ROLE claims
DisplayName ALL DEEWR Users with valid ROLE claims
Filter /Person[(ObjectID = /Set[ObjectID = '3a34fd86-8605-4cc0-ab8d-cddabe4aa8ab']/ComputedMember) and (ObjectID = /Set[ObjectID = 'e0cb4b00-86bc-4070-be3d-7af3b4657743']/ComputedMember)]
ObjectType Set
Temporal False
24. All DEEWR Users with valid SITE claims ^Top
ObjectID All DEEWR Users with valid SITE claims
CreatedTime 2/06/2011 4:56:05
Description Users eligible for SITE claims
DisplayName All DEEWR Users with valid SITE claims
Filter /Person[(ObjectID = /Set[ObjectID = 'a359d2b1-f8d8-47b2-8987-8dcd6c27386a']/ComputedMember) and (ObjectID = /Set[ObjectID = 'e48b0270-0205-4d48-8d6c-7c70ee580367']/ComputedMember)]
ObjectType Set
Temporal False
25. DEEWR-Invitations with resolved invitees ^Top
ObjectID DEEWR-Invitations with resolved invitees
CreatedTime 17/05/2011 7:37:32
Description Invitations which have successfully resolved to a FIM user
DisplayName DEEWR-Invitations with resolved invitees
Filter /DEEWR-esg-invitation[DEEWR-userID = /Set[ObjectID = 'e479fc22-f7ea-4189-a3f2-200d5653713f']/ComputedMember]
ObjectType Set
Temporal False
26. All DEEWR users for ad hoc validation ^Top
ObjectID All DEEWR users for ad hoc validation
CreatedTime 25/08/2011 7:49:44
Description All users for ad hoc validation
DisplayName All DEEWR users for ad hoc validation
Filter /Person[starts-with(AccountName, 'CG2662')]
ObjectType Set
Temporal False
27. All DEEWR users for admin validation ^Top
ObjectID All DEEWR users for admin validation
CreatedTime 24/08/2011 23:48:15
Description All DEEWR users for admin validation
DisplayName All DEEWR users for admin validation
Filter /Person[starts-with(AccountName, 'AC')]
ObjectType Set
Temporal False
28. All DEEWR users with invalid ORG Admins ^Top
ObjectID All DEEWR users with invalid ORG Admins
CreatedTime 22/08/2011 2:58:17
Description All users with invalid ORG Admins
DisplayName All DEEWR users with invalid ORG Admins
Filter /Person[(not(DEEWR-esg-orgUserID = Set[ObjectID='1ea1bfab-4e4b-4f26-8bd8-dacb52fdeb82']/ComputedMember)) and (DEEWR-esg-orgUserID = /Set[ObjectID='7c866fd3-cf65-46cf-a198-4ea2f84980ec']/ComputedMember)]
ObjectType Set
Temporal False
29. All DEEWR Org Claims ^Top
ObjectID All DEEWR Org Claims
CreatedTime 12/07/2011 2:35:10
Description All Org Claims
DisplayName All DEEWR Org Claims
Filter /DEEWR-claim[(DEEWR-claimTypeID = 'b2d301a0-bf24-4da5-b104-1cee8bfa3a65')]
ObjectType Set
Temporal False
30. DEEWR-All valid claims ^Top
ObjectID DEEWR-All valid claims
CreatedTime 6/05/2011 6:11:45
Description All claims with Claim ID Name already set
DisplayName DEEWR-All valid claims
Filter /DEEWR-claim[DEEWR-claimIDName != '%Invalid%']
ObjectType Set
Temporal False
31. All DEEWR Domain users for provisioning ^Top
ObjectID All DEEWR Domain users for provisioning
CreatedTime 16/02/2011 6:36:41
Description DEEWR-All Domain Users for provisioning (Note - this will need to be a different definition for ENETDEV vs. CONSTRUCTION)
DisplayName All DEEWR Domain users for provisioning
Filter /Person[(Domain = 'ENETDEV') and (starts-with(DisplayName, 'FIMTEST'))]
ObjectType Set
Temporal False
32. DEEWR-All rejected invitations ^Top
ObjectID DEEWR-All rejected invitations
CreatedTime 16/05/2011 12:50:03
Description All DEEWR invitations marked as rejected and ready for deletion
DisplayName DEEWR-All rejected invitations
Filter /DEEWR-esg-invitation[(DEEWR-userID = /Set[ObjectID = '8887df8e-6e84-49f2-a794-f9e9802077e0']/ComputedMember) and (DEEWR-esg-isAccepted = False)]
ObjectType Set
Temporal False
33. All DEEWR Role Claims ^Top
ObjectID All DEEWR Role Claims
CreatedTime 1/08/2011 6:58:47
Description All Role Claims
DisplayName All DEEWR Role Claims
Filter /DEEWR-claim[(DEEWR-claimTypeID = '049571eb-48ca-4680-af07-c8689eb38a02') or (DEEWR-claimTypeID = '61aa5dc8-472e-4604-be07-a4473e79fb7b') or (DEEWR-claimTypeID = 'cf587657-abd0-4512-99a9-93db0d5f1df6')]
ObjectType Set
Temporal False
34. All DEEWR role claims to be deleted ^Top
ObjectID All DEEWR role claims to be deleted
CreatedTime 1/08/2011 7:05:35
Description All role claims to be deleted
DisplayName All DEEWR role claims to be deleted
Filter /DEEWR-claim[(ObjectID = /Set[ObjectID = 'a328c654-52ef-4727-baa8-07373cc921dc']/ComputedMember) and (ObjectID = /Set[ObjectID = '66d24c77-ba20-474d-a8ac-14ff7831cddb']/ComputedMember)]
ObjectType Set
Temporal False
35. All DEEWR users with invalid SITE Admins ^Top
ObjectID All DEEWR users with invalid SITE Admins
CreatedTime 22/08/2011 3:15:04
Description All users with invalid SITE Admins
DisplayName All DEEWR users with invalid SITE Admins
Filter /Person[(not(DEEWR-esg-siteUserID = /Set[ObjectID='ae00c10c-674d-4b43-bda4-136f1c8b27e5']/ComputedMember)) and (DEEWR-esg-siteUserID = /Set[ObjectID='7c866fd3-cf65-46cf-a198-4ea2f84980ec']/ComputedMember)]
ObjectType Set
Temporal False
36. All DEEWR Site Claims ^Top
ObjectID All DEEWR Site Claims
CreatedTime 12/07/2011 2:34:14
Description All Site Claims
DisplayName All DEEWR Site Claims
Filter /DEEWR-claim[(DEEWR-claimTypeID = '622173d5-6e23-44db-a6ce-c4bd5ae589fe')]
ObjectType Set
Temporal False
37. All DEEWR-esg-contracts ^Top
ObjectID All DEEWR-esg-contracts
CreatedTime 23/02/2011 4:58:20
Description All DEEWR-esg-contracts
DisplayName All DEEWR-esg-contracts
Filter /DEEWR-esg-contract
ObjectType Set
Temporal False
38. All DEEWR-esg-orgs ^Top
ObjectID All DEEWR-esg-orgs
CreatedTime 23/02/2011 4:57:12
Description All DEEWR-esg-orgs
DisplayName All DEEWR-esg-orgs
Filter /DEEWR-esg-org
ObjectType Set
Temporal False
39. All DEEWR-esg-roles ^Top
ObjectID All DEEWR-esg-roles
CreatedTime 11/04/2011 6:01:07
Description All DEEWR-esg-roles
DisplayName All DEEWR-esg-roles
Filter /DEEWR-esg-role
ObjectType Set
Temporal False
40. All DEEWR-esg-roleTemplates ^Top
ObjectID All DEEWR-esg-roleTemplates
CreatedTime 5/05/2011 4:52:17
Description All user templates defining default role membership
DisplayName All DEEWR-esg-roleTemplates
Filter /DEEWR-esg-roleTemplate
ObjectType Set
Temporal False
41. All DEEWR-esg-sites ^Top
ObjectID All DEEWR-esg-sites
CreatedTime 23/02/2011 4:57:44
Description All DEEWR-esg-sites
DisplayName All DEEWR-esg-sites
Filter /DEEWR-esg-site
ObjectType Set
Temporal False
42. All DEEWR-roles ^Top
ObjectID All DEEWR-roles
CreatedTime 11/05/2011 6:40:24
Description All DEEWR-roles
DisplayName All DEEWR-roles
Filter /DEEWR-role
ObjectType Set
Temporal False
43. All DEEWR Batch jobs for activation ^Top
ObjectID All DEEWR Batch jobs for activation
CreatedTime 23/08/2011 0:40:46
Description All DEEWR-batchJob resources for which the target set is to be activated
DisplayName All DEEWR Batch jobs for activation
Filter /DEEWR-batchJob[DEEWR-nextRunTime &lt; op:subtract-dayTimeDuration-from-dateTime(fn:current-dateTime(), xs:dayTimeDuration('P1D'))]
ObjectType Set
Temporal True
44. All DEEWR-esg-role templates ^Top
ObjectID All DEEWR-esg-role templates
CreatedTime 28/03/2011 11:55:43
Description All DEEWR-esg-role templates
DisplayName All DEEWR-esg-role templates
Filter /DEEWR-esg-roleTemplate
ObjectType Set
Temporal False
45. All DEEWR Users without valid APPs ^Top
ObjectID All DEEWR Users without valid APPs
CreatedTime 15/07/2011 2:23:37
Description Users without valid APPs
DisplayName All DEEWR Users without valid APPs
Filter /Person[ObjectID != /Set[ObjectID = 'ef062b32-9108-41e2-ae04-1f785db302df']/ComputedMember]
ObjectType Set
Temporal False
46. All DEEWR claims for IAMOSC ^Top
ObjectID All DEEWR claims for IAMOSC
CreatedTime 22/07/2011 1:56:00
Description All claims for IAMOSC
DisplayName All DEEWR claims for IAMOSC
Filter /DEEWR-claim[DEEWR-claimTypeID = '0517e3ca-0f10-4089-81b5-d1d912a73941']
ObjectType Set
Temporal False
47. All DEEWR claims for IAMSSC ^Top
ObjectID All DEEWR claims for IAMSSC
CreatedTime 22/07/2011 1:57:49
Description All claims for IAMSSC
DisplayName All DEEWR claims for IAMSSC
Filter /DEEWR-claim[DEEWR-claimTypeID = 'bec5921c-e493-43f1-915d-7691733c59f6']
ObjectType Set
Temporal False
48. All expected rule resources ^Top
ObjectID All expected rule resources
CreatedTime 25/10/2010 14:39:22
DisplayName All expected rule resources
Filter /ExpectedRuleEntry
ObjectType Set
49. All Detected Rule Resources ^Top
ObjectID All Detected Rule Resources
CreatedTime 25/10/2010 14:39:22
DisplayName All Detected Rule Resources
Filter /DetectedRuleEntry
ObjectType Set
50. All ma-data and mv-data Resources ^Top
ObjectID All ma-data and mv-data Resources
CreatedTime 25/10/2010 14:39:22
DisplayName All ma-data and mv-data Resources
Filter /*[ObjectType='ma-data' or ObjectType='mv-data']
ObjectType Set
51. Expiring Group Resources ^Top
ObjectID Expiring Group Resources
CreatedTime 25/10/2010 14:39:22
DisplayName Expiring Group Resources
Filter /Group[ExpirationTime &lt; op:add-dayTimeDuration-to-dateTime(fn:current-dateTime(), xs:dayTimeDuration("P14DT0H0M"))]
ObjectType Set
ResourceTime 17/07/2011 15:00:01
Temporal True
52. All Groups and Sets ^Top
ObjectID All Groups and Sets
CreatedTime 25/10/2010 14:39:22
DisplayName All Groups and Sets
Filter /*[ObjectType='Group' or ObjectType='Set']
ObjectType Set
Resource Type: SynchronizationRule
1. DEEWR-Outbound Synch Rule for Claims to SQL ^Top
ObjectID DEEWR-Outbound Synch Rule for Claims to SQL
ConnectedObjectType claim
ConnectedSystem {37818139-7EF0-4A70-A16A-046AFF0D5226}
CreateConnectedSystemObject True
CreatedTime 19/07/2011 3:07:23
CreateILMObject False
Description Outbound Synch Rule for Claims to SQL
DisconnectConnectedSystemObject True
DisplayName DEEWR-Outbound Synch Rule for Claims to SQL
FlowType 2
ILMObjectType DEEWR-claim
InitialFlow <export-flow allows-null="false"><src><attr>DEEWR-claimID</attr></src><dest>ClaimID</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>DEEWR-claimID</attr></src><dest>dn</dest><scoping></scoping><fn id="+" isCustomExpression="false"><arg>"UID="</arg><arg>DEEWR-claimID</arg><arg>",OU=Claims"</arg></fn></export-flow>
ObjectType SynchronizationRule
PersistentFlow <export-flow allows-null="false"><src><attr>DEEWR-applicationName</attr></src><dest>ApplicationName</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>DEEWR-claimTypleName</attr></src><dest>ClaimTypeName</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>DEEWR-claimValue</attr></src><dest>ClaimValue</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>DEEWR-claimValueType</attr></src><dest>ClaimValueType</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>DEEWR-subKeyName</attr></src><dest>subKey</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>DEEWR-userIDName</attr></src><dest>UserIDName</dest><scoping></scoping></export-flow>; <import-flow><src><attr>ClaimID</attr></src><dest>DEEWR-claimID</dest><scoping></scoping></import-flow>
Precedence 1
RelationshipCriteria <conditions><condition><ilmAttribute>DEEWR-claimID</ilmAttribute><csAttribute>ClaimID</csAttribute></condition></conditions>
ManagementAgentID
9292956d-018e-4dad-8931-b6b53e927d4a
2. DEEWR-Outbound Synch Rule for Users to AD ^Top
ObjectID DEEWR-Outbound Synch Rule for Users to AD
ConnectedObjectType user
ConnectedSystem {9602C2D3-1D46-4F5B-9B22-A0AE06F1A155}
CreateConnectedSystemObject True
CreatedTime 19/07/2011 3:07:26
CreateILMObject False
Description Outbound Synch Rule for Users to AD, including Vasco certificate assignments
DisconnectConnectedSystemObject False
DisplayName DEEWR-Outbound Synch Rule for Users to AD
ExistenceTest <export-flow allows-null="false"><src>0</src><dest>pwdLastSet</dest><scoping></scoping></export-flow>
FlowType 1
ILMObjectType person
InitialFlow <export-flow allows-null="false"><src><attr>accountName</attr></src><dest>dn</dest><scoping></scoping><fn id="+" isCustomExpression="false"><arg>"CN="</arg><arg>accountName</arg><arg>$TargetOU</arg></fn></export-flow>; <export-flow allows-null="false"><src><attr>accountName</attr></src><dest>sAMAccountName</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>accountName</attr></src><dest>userPrincipalName</dest><scoping></scoping><fn id="+" isCustomExpression="false"><arg>accountName</arg><arg>"@dev.construction.enet"</arg></fn></export-flow>; <export-flow allows-null="false"><src><attr>unicodePwd</attr></src><dest>unicodePwd</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src>0</src><dest>pwdLastSet</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src>512</src><dest>userAccountControl</dest><scoping></scoping></export-flow>
ObjectType SynchronizationRule
PersistentFlow <export-flow allows-null="false"><src><attr>accountName</attr></src><dest>dn</dest><scoping></scoping><fn id="+" isCustomExpression="false"><arg>"CN="</arg><arg>accountName</arg><arg>$TargetOU</arg></fn></export-flow>; <export-flow allows-null="false"><src><attr>DEEWR-info</attr></src><dest>info</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>displayName</attr></src><dest>displayName</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>employeeType</attr></src><dest>employeeType</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>firstName</attr></src><dest>givenName</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>lastName</attr></src><dest>sn</dest><scoping></scoping></export-flow>; <export-flow allows-null="true"><src><attr>DEEWR-selfServicePassword</attr></src><dest>employmentAUExtIAMSelfServicePassword</dest><scoping></scoping></export-flow>; <export-flow allows-null="true"><src><attr>DEEWR-VascoDigipassData</attr></src><dest>VascoDigipassData</dest><scoping></scoping></export-flow>; <export-flow allows-null="true"><src><attr>DEEWR-vasco-LinkVascoUserToVascoDigipass</attr></src><dest>vasco-LinkVascoUserToVascoDigipass</dest><scoping><scope><csAttribute>ObjectType</csAttribute><csOperator>EQUAL</csOperator><csValue>vasco-DPToken</csValue></scope><scope><csAttribute>ObjectType</csAttribute><csOperator>EQUAL</csOperator><csValue>user</csValue></scope></scoping></export-flow>; <export-flow allows-null="true"><src><attr>employeeID</attr></src><dest>employeeID</dest><scoping></scoping></export-flow>; <export-flow allows-null="true"><src><attr>manager</attr></src><dest>manager</dest><scoping></scoping></export-flow>; <export-flow allows-null="false"><src><attr>DEEWR-isActive</attr><attr>userAccountControl</attr></src><dest>userAccountControl</dest><scoping></scoping><fn id="IIF" isCustomExpression="false"><arg>DEEWR-isActive</arg><arg><fn id="IIF" isCustomExpression="true"><arg><fn id="IsPresent" isCustomExpression="false"><arg>userAccountControl</arg></fn></arg><arg><fn id="BitAnd" isCustomExpression="false"><arg>userAccountControl</arg><arg>9223372036854775805</arg></fn></arg><arg>512</arg></fn></arg><arg><fn id="IIF" isCustomExpression="true"><arg><fn id="IsPresent" isCustomExpression="false"><arg>userAccountControl</arg></fn></arg><arg><fn id="BitOr" isCustomExpression="false"><arg>userAccountControl</arg><arg>2</arg></fn></arg><arg>514</arg></fn></arg></fn></export-flow>
Precedence 1
RelationshipCriteria <conditions><condition><ilmAttribute>objectSid</ilmAttribute><csAttribute>objectSid</csAttribute></condition></conditions>
SynchronizationRuleParameters <sync-parameter><name>TargetOU</name><type>String</type></sync-parameter>
ManagementAgentID
132661a1-9c97-46df-b74e-850797ee0c34
Resource Type: WorkflowDefinition
1. DEEWR - Event Broker Data Changes ^Top
ObjectID DEEWR - Event Broker Data Changes
CreatedTime 25/02/2011 0:27:47
Description This workflow writes to the log file used to inform the FIM MA to import data changes only
DisplayName DEEWR - Event Broker Data Changes
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
EventBrokerChangesActivity
EndPointAddress http://localhost:59990/EventBroker/EventBrokerManagementStudio.svc
EndPointConfigurationName ServerNotifications
OperationListGuid c3cdef86-3c5c-4607-bc7d-e40321dbb64a
Description Invokes a specified Event Broker operation list. This activity should only be used to specify either an incoming operation list for the FIM Portal MA, or to point at a baselining operation list.
2. DEEWR - Event Broker Rule Changes ^Top
ObjectID DEEWR - Event Broker Rule Changes
CreatedTime 25/02/2011 0:29:47
Description This workflow writes to the log file used to inform the FIM MA to import rule changes only
DisplayName DEEWR - Event Broker Rule Changes
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
EventBrokerChangesActivity
EndPointAddress http://localhost:59990/EventBroker/EventBrokerManagementStudio.svc
EndPointConfigurationName ServerNotifications
OperationListGuid 1cf17c16-3932-41fb-9e21-5343d0cbdf44
Description Invokes a specified Event Broker operation list. This activity should only be used to specify either an incoming operation list for the FIM Portal MA, or to point at a baselining operation list.
3. DEEWR-Activate batch job ^Top
ObjectID DEEWR-Activate batch job
CreatedTime 23/08/2011 0:39:30
Description Activate to trigger the target MPR for a batch
DisplayName DEEWR-Activate batch job
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType ManagementPolicyRule
DisplayName [//Target/DisplayName]
ResourceQuery /ManagementPolicyRule[ObjectID='[//Target/Target]']
ExtraAttributes Disabled=bool:False
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRActivateTargetBatchJob.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #2
UpdateResourceFromWorkflowData
ObjectType ManagementPolicyRule
DisplayName [//Target/DisplayName]
ResourceQuery /ManagementPolicyRule[ObjectID='[//Target/Target]']
ExtraAttributes Disabled=bool:True
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRActivateTargetBatchJob.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #3
LookupPropertiesActivity
XPathFilter //Request
AttributeNames CreatedTime
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRActivateTargetBatchJob.log
OverwriteLogFile False
LogMode verbose
Workflow Activity #4
UpdateResourceFromWorkflowData
ObjectType DEEWR-batchJob
DisplayName [//Target/DisplayName]
ResourceQuery /DEEWR-batchJob[ObjectID='[//Target/ObjectID]']
ExtraAttributes DEEWR-nextRunTime=datetime:[//WorkflowData/CreatedTime]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRActivateTargetBatchJob.log
OverwriteLogFile False
LogMode verbose
4. DEEWR-Add org admins for an OSC ^Top
ObjectID DEEWR-Add org admins for an OSC
CreatedTime 18/05/2011 1:32:11
Description Users assigned to an ORG must also be updated when the set of corresponding OSCs changes (additions)
DisplayName DEEWR-Add org admins for an OSC
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[ not(DEEWR-esg-orgUserID = '[//Target/DEEWR-userID]') and (ObjectID= /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Org']) and (DEEWR-claimValueID=/DEEWR-claim[ObjectID='[//Target/ObjectID]']/DEEWR-claimValueID) ]/DEEWR-userID) and not(ObjectID ='[//Target/DEEWR-userID]') ]
ExtraAttributes DEEWR-esg-orgUserID=guid:+[//Target/DEEWR-userID]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRAddOrgAdminsForAnOSC.log
OverwriteLogFile True
LogMode minimal
5. DEEWR-Add site admins for an SSC ^Top
ObjectID DEEWR-Add site admins for an SSC
CreatedTime 18/05/2011 0:06:48
Description Users assigned to a SITE must also be updated when the set of corresponding SSCs changes (additions)
DisplayName DEEWR-Add site admins for an SSC
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[ not(DEEWR-esg-siteUserID = '[//Target/DEEWR-userID]') and (ObjectID= /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Site']) and (DEEWR-claimValueID=/DEEWR-claim[ObjectID='[//Target/ObjectID]']/DEEWR-claimValueID) ]/DEEWR-userID) and not(ObjectID ='[//Target/DEEWR-userID]') ]
ExtraAttributes DEEWR-esg-siteUserID=guid:+[//Target/DEEWR-userID]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRAddSiteAdminsForAnSSC.log
OverwriteLogFile True
LogMode minimal
6. DEEWR-Apply invitation to entitlements ^Top
ObjectID DEEWR-Apply invitation to entitlements
CreatedTime 16/05/2011 8:25:12
Description Assign a new ORG entitlement for the invitee's user record and delete the processed invitation
DisplayName DEEWR-Apply invitation to entitlements
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Initialize DEEWR-claimValue
Destination [//WorkflowData/DEEWR-claimValue]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
FunctionActivity
Description Default ObjectID
Destination [//WorkflowData/ObjectID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #3
FunctionActivity
Description DEEWR-subKeyBinding
Destination [//WorkflowData/DEEWR-subKeyBinding]
FunctionExpression <fn id="SingleValueAssignment" isCustomExpression="false"><arg>"Company"</arg></fn>
isCustomExpression
Workflow Activity #4
FunctionActivity
Description Initialise DEEWR-subKeyID
Destination [//WorkflowData/DEEWR-subKeyID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #5
FunctionActivity
Description Initialise DEEWR-subKeyName
Destination [//WorkflowData/DEEWR-subKeyName]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #6
LookupPropertiesActivity
XPathFilter /DEEWR-claimType[DisplayName='Org']
AttributeNames ObjectID=DEEWR-claimTypeID DisplayName=DEEWR-claimTypeName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRApplyInvitationToEntitlements.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #7
LookupPropertiesActivity
XPathFilter /DEEWR-esg-org[(ObjectID = /DEEWR-esg-invitation[ObjectID='[//Target/ObjectID]']/DEEWR-esg-organisationID)]
AttributeNames ObjectID DisplayName=DEEWR-claimValue
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRApplyInvitationToEntitlements.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #8
LookupPropertiesActivity
XPathFilter /DEEWR-subKey[ObjectID=/DEEWR-App[ObjectID='[//Target/DEEWR-applicationID]']/DEEWR-subKeyID]
AttributeNames DisplayName=DEEWR-subKeyObjectType Description=DEEWR-subKeyBinding
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRApplyInvitationToEntitlements.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #9
LookupPropertiesActivity
XPathFilter /DEEWR-esg-org[DisplayName='[//WorkflowData/DEEWR-claimValue]']
AttributeNames ObjectID=DEEWR-subKeyID DisplayName=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRApplyInvitationToEntitlements.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #10
LookupPropertiesActivity
XPathFilter /DEEWR-App[ObjectID='[//Target/DEEWR-applicationID]']
AttributeNames DisplayName=DEEWR-applicationName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRApplyInvitationToEntitlements.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #11
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Target/DEEWR-userID]']
AttributeNames DisplayName=DEEWR-userName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRApplyInvitationToEntitlements.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #12
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//WorkflowData/DEEWR-applicationName] [//WorkflowData/DEEWR-claimTypeName] claims for [//WorkflowData/DEEWR-userName], sub key [//WorkflowData/DEEWR-claimValue]
ResourceQuery /DEEWR-claim[(DEEWR-applicationID = '[//Target/DEEWR-applicationID]') and (DEEWR-subKeyID = '[//WorkflowData/DEEWR-subKeyID]') and (DEEWR-claimTypeID = '[//WorkflowData/DEEWR-claimTypeID]') and (DEEWR-userID = '[//Target/ObjectID]')]
ExtraAttributes DEEWR-applicationID=guid:[//Target/DEEWR-applicationID] DEEWR-claimTypeID=guid:[//WorkflowData/DEEWR-claimTypeID] DEEWR-userID=guid:[//Target/DEEWR-userID] DEEWR-claimValueType=string:string DEEWR-claimValue=string:[//WorkflowData/DEEWR-claimValue] Description=string:[//WorkflowData/DEEWR-claimTypeName]s [//WorkflowData/DEEWR-claimValue] DEEWR-subKeyName=string:[//WorkflowData/DEEWR-claimValue] DEEWR-subKeyID=guid:[//WorkflowData/DEEWR-subKeyID] DEEWR-claimValueID=guid[]:[//WorkflowData/ObjectID]
DeleteIfFound False
InsertIfNotFound True
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRApplyInvitationToEntitlements.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #13
LookupPropertiesActivity
XPathFilter /DEEWR-claim[(DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMOSC']) and ( DEEWR-claimValueID=/DEEWR-esg-org[ObjectID='[//Target/DEEWR-esg-organisationID]'])]/DEEWR-userID
AttributeNames ObjectID=OSCStaff
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRApplyInvitationToEntitlements.log
OverwriteLogFile False
LogMode verbose
Workflow Activity #14
UpdateResourceFromWorkflowData
ObjectType DEEWR-esg-invitation
DisplayName [//Target/DisplayName]
ResourceQuery /DEEWR-esg-invitation[ObjectID='[//Target/ObjectID]']
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRApplyInvitationToEntitlements.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #15
EmailNotificationActivity
To [//WorkflowData/OSCStaff];
EmailTemplate 56b1ce5b-4d3a-4b61-be2b-55aaa6b7b328
7. DEEWR-Clean up after user account is provisioned ^Top
ObjectID DEEWR-Clean up after user account is provisioned
CreatedTime 7/07/2011 2:40:20
Description Need to clear out the initial password field
DisplayName DEEWR-Clean up after user account is provisioned
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[ObjectID='[//Target/ObjectID]']
ExtraAttributes DEEWR-unicodePwd=string:NULL
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRCleanUpAfterUserAccountIsProvisioinedToAD.log
OverwriteLogFile True
LogMode minimal
8. DEEWR-Create or update user ESG ORG claims ^Top
ObjectID DEEWR-Create or update user ESG ORG claims
CreatedTime 9/05/2011 10:36:10
Description Create or update user ESG ORG claims
DisplayName DEEWR-Create or update user ESG ORG claims
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Initialize DEEWR-claimValue
Destination [//WorkflowData/DEEWR-claimValue]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
FunctionActivity
Description Default ObjectID
Destination [//WorkflowData/ObjectID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #3
FunctionActivity
Description DEEWR-subKeyBinding
Destination [//WorkflowData/DEEWR-subKeyBinding]
FunctionExpression <fn id="SingleValueAssignment" isCustomExpression="false"><arg>"Company"</arg></fn>
isCustomExpression
Workflow Activity #4
FunctionActivity
Description Initialise DEEWR-subKeyID
Destination [//WorkflowData/DEEWR-subKeyID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #5
FunctionActivity
Description Initialise DEEWR-subKeyName
Destination [//WorkflowData/DEEWR-subKeyName]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #6
LookupPropertiesActivity
XPathFilter /DEEWR-claimType[DisplayName='Org']
AttributeNames ObjectID=DEEWR-claimTypeID DisplayName=DEEWR-claimTypeName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserOrgClaims.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #7
LookupPropertiesActivity
XPathFilter /DEEWR-esg-org[(ObjectID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-organisationID)]
AttributeNames ObjectID DisplayName=DEEWR-claimValue
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserOrgClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #8
LookupPropertiesActivity
XPathFilter /DEEWR-subKey[ObjectID=/DEEWR-App[ObjectID='[//Target/DEEWR-appID]']/DEEWR-subKeyID]
AttributeNames DisplayName=DEEWR-subKeyObjectType Description=DEEWR-subKeyBinding
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserOrgClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #9
LookupPropertiesActivity
XPathFilter /ConstantSpecifier[DisplayName='None']
AttributeNames ObjectID=DEEWR-subKeyID Description=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserOrgClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #10
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Requestor/ObjectID]']
AttributeNames [//WorkflowData/DEEWR-subKeyBinding]=DEEWR-subKeyID
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserOrgClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #11
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Target/ObjectID]']
AttributeNames [//WorkflowData/DEEWR-subKeyBinding]=DEEWR-subKeyID
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserOrgClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #12
LookupPropertiesActivity
XPathFilter /*[ObjectID='[//WorkflowData/DEEWR-subKeyID]']
AttributeNames ObjectID=DEEWR-subKeyID DisplayName=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserOrgClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #13
LookupPropertiesActivity
XPathFilter /DEEWR-App[ObjectID='[//Target/DEEWR-appID]']
AttributeNames DisplayName=DEEWR-applicationName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserOrgClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #14
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//WorkflowData/DEEWR-applicationName] [//WorkflowData/DEEWR-claimTypeName] claims for [//Target/DisplayName], sub key [//WorkflowData/DEEWR-subKeyName]
ResourceQuery /DEEWR-claim[(DEEWR-applicationID = '[//Target/DEEWR-appID]') and (DEEWR-subKeyID = '[//WorkflowData/DEEWR-subKeyID]') and (DEEWR-claimTypeID = '[//WorkflowData/DEEWR-claimTypeID]') and (DEEWR-userID = '[//Target/ObjectID]')]
ExtraAttributes DEEWR-applicationID=guid:[//Target/DEEWR-appID] DEEWR-claimTypeID=guid:[//WorkflowData/DEEWR-claimTypeID] DEEWR-userID=guid:[//Target/ObjectID] DEEWR-claimValueType=string:string DEEWR-claimValue=string:[//WorkflowData/DEEWR-claimValue] Description=string:[//WorkflowData/DEEWR-claimTypeName]s [//WorkflowData/DEEWR-claimValue] DEEWR-subKeyName=string:[//WorkflowData/DEEWR-subKeyName] DEEWR-subKeyID=guid:[//WorkflowData/DEEWR-subKeyID] DEEWR-claimValueID=guid[]:[//WorkflowData/ObjectID]
DeleteIfFound False
InsertIfNotFound True
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserOrgClaims.log
OverwriteLogFile False
LogMode minimal
9. DEEWR-Create or update user ESG ROLE claims ^Top
ObjectID DEEWR-Create or update user ESG ROLE claims
CreatedTime 9/05/2011 10:42:20
Description Create or update user ESG ROLE claims
DisplayName DEEWR-Create or update user ESG ROLE claims
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Initialize DEEWR-BaseRoleClaimValue
Destination [//WorkflowData/DEEWR-BaseRoleClaimValue]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
FunctionActivity
Description Initialize DEEWR-GeneralRoleClaimValue
Destination [//WorkflowData/DEEWR-GeneralRoleClaimValue]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #3
FunctionActivity
Description Initialize DEEWR-ReportingRoleClaimValue
Destination [//WorkflowData/DEEWR-ReportingRoleClaimValue]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #4
FunctionActivity
Description Default DEEWR-BaseRoleID
Destination [//WorkflowData/DEEWR-BaseRoleID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #5
FunctionActivity
Description Default DEEWR-GeneralRoleID
Destination [//WorkflowData/DEEWR-GeneralRoleID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #6
FunctionActivity
Description Default DEEWR-ReportingRoleID
Destination [//WorkflowData/DEEWR-ReportingRoleID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #7
FunctionActivity
Description DEEWR-subKeyBinding
Destination [//WorkflowData/DEEWR-subKeyBinding]
FunctionExpression <fn id="SingleValueAssignment" isCustomExpression="false"><arg>"Company"</arg></fn>
isCustomExpression
Workflow Activity #8
FunctionActivity
Description Initialise DEEWR-subKeyID
Destination [//WorkflowData/DEEWR-subKeyID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #9
FunctionActivity
Description Initialise DEEWR-subKeyName
Destination [//WorkflowData/DEEWR-subKeyName]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #10
LookupPropertiesActivity
XPathFilter /DEEWR-claimType[DisplayName='Base Role']
AttributeNames ObjectID=DEEWR-BaseRoleClaimTypeID DisplayName=DEEWR-BaseRoleClaimTypeName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #11
LookupPropertiesActivity
XPathFilter /DEEWR-claimType[DisplayName='General Role']
AttributeNames ObjectID=DEEWR-GeneralRoleClaimTypeID DisplayName=DEEWR-GeneralRoleClaimTypeName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #12
LookupPropertiesActivity
XPathFilter /DEEWR-claimType[DisplayName='Reporting Role']
AttributeNames ObjectID=DEEWR-ReportingRoleClaimTypeID DisplayName=DEEWR-ReportingRoleClaimTypeName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #13
LookupPropertiesActivity
XPathFilter /DEEWR-esg-role[(ObjectID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-roleID) and (DEEWR-esg-roleType = 'Base Role')]
AttributeNames ObjectID=DEEWR-BaseRoleID DisplayName=DEEWR-BaseRoleClaimValue
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #14
LookupPropertiesActivity
XPathFilter /DEEWR-esg-role[(ObjectID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-roleID) and (DEEWR-esg-roleType = 'General Role')]
AttributeNames ObjectID=DEEWR-GeneralRoleID DisplayName=DEEWR-GeneralRoleClaimValue
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #15
LookupPropertiesActivity
XPathFilter /DEEWR-esg-role[(ObjectID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-roleID) and (DEEWR-esg-roleType = 'Reporting Role')]
AttributeNames ObjectID=DEEWR-ReportingRoleID DisplayName=DEEWR-ReportingRoleClaimValue
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #16
LookupPropertiesActivity
XPathFilter /DEEWR-subKey[ObjectID=/DEEWR-App[ObjectID='[//Target/DEEWR-appID]']/DEEWR-subKeyID]
AttributeNames DisplayName=DEEWR-subKeyObjectType Description=DEEWR-subKeyBinding
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #17
LookupPropertiesActivity
XPathFilter /ConstantSpecifier[DisplayName='None']
AttributeNames ObjectID=DEEWR-subKeyID Description=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #18
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Requestor/ObjectID]']
AttributeNames [//WorkflowData/DEEWR-subKeyBinding]=DEEWR-subKeyID
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #19
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Target/ObjectID]']
AttributeNames [//WorkflowData/DEEWR-subKeyBinding]=DEEWR-subKeyID
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #20
LookupPropertiesActivity
XPathFilter /*[ObjectID='[//WorkflowData/DEEWR-subKeyID]']
AttributeNames ObjectID=DEEWR-subKeyID DisplayName=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #21
LookupPropertiesActivity
XPathFilter /DEEWR-App[ObjectID='[//Target/DEEWR-appID]']
AttributeNames DisplayName=DEEWR-applicationName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #22
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//WorkflowData/DEEWR-applicationName] [//WorkflowData/DEEWR-BaseRoleClaimTypeName] claims for [//Target/DisplayName], sub key [//WorkflowData/DEEWR-subKeyName]
ResourceQuery /DEEWR-claim[(DEEWR-applicationID = '[//Target/DEEWR-appID]') and (DEEWR-subKeyID = '[//WorkflowData/DEEWR-subKeyID]') and (DEEWR-claimTypeID = '[//WorkflowData/DEEWR-BaseRoleClaimTypeID]') and (DEEWR-userID = '[//Target/ObjectID]')]
ExtraAttributes DEEWR-applicationID=guid:[//Target/DEEWR-appID] DEEWR-claimTypeID=guid:[//WorkflowData/DEEWR-BaseRoleClaimTypeID] DEEWR-userID=guid:[//Target/ObjectID] DEEWR-claimValueType=string:string DEEWR-claimValue=string:[//WorkflowData/DEEWR-BaseRoleClaimValue] Description=string:[//WorkflowData/DEEWR-BaseRoleClaimTypeName]s [//WorkflowData/DEEWR-BaseRoleClaimValue] DEEWR-subKeyName=string:[//WorkflowData/DEEWR-subKeyName] DEEWR-subKeyID=guid:[//WorkflowData/DEEWR-subKeyID] DEEWR-claimValueID=guid[]:[//WorkflowData/DEEWR-BaseRoleID]
DeleteIfFound False
InsertIfNotFound True
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #23
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//WorkflowData/DEEWR-applicationName] [//WorkflowData/DEEWR-GeneralRoleClaimTypeName] claims for [//Target/DisplayName], sub key [//WorkflowData/DEEWR-subKeyName]
ResourceQuery /DEEWR-claim[(DEEWR-applicationID = '[//Target/DEEWR-appID]') and (DEEWR-subKeyID = '[//WorkflowData/DEEWR-subKeyID]') and (DEEWR-claimTypeID = '[//WorkflowData/DEEWR-GeneralRoleClaimTypeID]') and (DEEWR-userID = '[//Target/ObjectID]')]
ExtraAttributes DEEWR-applicationID=guid:[//Target/DEEWR-appID] DEEWR-claimTypeID=guid:[//WorkflowData/DEEWR-GeneralRoleClaimTypeID] DEEWR-userID=guid:[//Target/ObjectID] DEEWR-claimValueType=string:string DEEWR-claimValue=string:[//WorkflowData/DEEWR-GeneralRoleClaimValue] Description=string:[//WorkflowData/DEEWR-GeneralRoleClaimTypeName]s [//WorkflowData/DEEWR-GeneralRoleClaimValue] DEEWR-subKeyName=string:[//WorkflowData/DEEWR-subKeyName] DEEWR-subKeyID=guid:[//WorkflowData/DEEWR-subKeyID] DEEWR-claimValueID=guid[]:[//WorkflowData/DEEWR-GeneralRoleID]
DeleteIfFound False
InsertIfNotFound True
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #24
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//WorkflowData/DEEWR-applicationName] [//WorkflowData/DEEWR-ReportingRoleClaimTypeName] claims for [//Target/DisplayName], sub key [//WorkflowData/DEEWR-subKeyName]
ResourceQuery /DEEWR-claim[(DEEWR-applicationID = '[//Target/DEEWR-appID]') and (DEEWR-subKeyID = '[//WorkflowData/DEEWR-subKeyID]') and (DEEWR-claimTypeID = '[//WorkflowData/DEEWR-ReportingRoleClaimTypeID]') and (DEEWR-userID = '[//Target/ObjectID]')]
ExtraAttributes DEEWR-applicationID=guid:[//Target/DEEWR-appID] DEEWR-claimTypeID=guid:[//WorkflowData/DEEWR-ReportingRoleClaimTypeID] DEEWR-userID=guid:[//Target/ObjectID] DEEWR-claimValueType=string:string DEEWR-claimValue=string:[//WorkflowData/DEEWR-ReportingRoleClaimValue] Description=string:[//WorkflowData/DEEWR-ReportingRoleClaimTypeName]s [//WorkflowData/DEEWR-ReportingRoleClaimValue] DEEWR-subKeyName=string:[//WorkflowData/DEEWR-subKeyName] DEEWR-subKeyID=guid:[//WorkflowData/DEEWR-subKeyID] DEEWR-claimValueID=guid[]:[//WorkflowData/DEEWR-ReportingRoleID]
DeleteIfFound False
InsertIfNotFound True
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserRoleClaims.log
OverwriteLogFile False
LogMode minimal
10. DEEWR-Create or update user ESG SITE claims ^Top
ObjectID DEEWR-Create or update user ESG SITE claims
CreatedTime 21/04/2011 4:22:02
Description Create or update user ESG SITE claims
DisplayName DEEWR-Create or update user ESG SITE claims
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Initialize DEEWR-claimValue
Destination [//WorkflowData/DEEWR-claimValue]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
FunctionActivity
Description Default ObjectID
Destination [//WorkflowData/ObjectID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #3
FunctionActivity
Description DEEWR-subKeyBinding
Destination [//WorkflowData/DEEWR-subKeyBinding]
FunctionExpression <fn id="SingleValueAssignment" isCustomExpression="false"><arg>"Company"</arg></fn>
isCustomExpression
Workflow Activity #4
FunctionActivity
Description Initialise DEEWR-subKeyID
Destination [//WorkflowData/DEEWR-subKeyID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #5
FunctionActivity
Description Initialise DEEWR-subKeyName
Destination [//WorkflowData/DEEWR-subKeyName]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #6
LookupPropertiesActivity
XPathFilter /DEEWR-claimType[DisplayName='Site']
AttributeNames ObjectID=DEEWR-claimTypeID DisplayName=DEEWR-claimTypeName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserSiteClaims.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #7
LookupPropertiesActivity
XPathFilter /DEEWR-esg-site[(ObjectID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-siteID)]
AttributeNames ObjectID DisplayName=DEEWR-claimValue
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserSiteClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #8
LookupPropertiesActivity
XPathFilter /DEEWR-subKey[ObjectID=/DEEWR-App[ObjectID='[//Target/DEEWR-appID]']/DEEWR-subKeyID]
AttributeNames DisplayName=DEEWR-subKeyObjectType Description=DEEWR-subKeyBinding
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserSiteClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #9
LookupPropertiesActivity
XPathFilter /ConstantSpecifier[DisplayName='None']
AttributeNames ObjectID=DEEWR-subKeyID Description=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserSiteClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #10
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Requestor/ObjectID]']
AttributeNames [//WorkflowData/DEEWR-subKeyBinding]=DEEWR-subKeyID
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserSiteClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #11
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Target/ObjectID]']
AttributeNames [//WorkflowData/DEEWR-subKeyBinding]=DEEWR-subKeyID
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserSiteClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #12
LookupPropertiesActivity
XPathFilter /*[ObjectID='[//WorkflowData/DEEWR-subKeyID]']
AttributeNames ObjectID=DEEWR-subKeyID DisplayName=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserSiteClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #13
LookupPropertiesActivity
XPathFilter /DEEWR-App[ObjectID='[//Target/DEEWR-appID]']
AttributeNames DisplayName=DEEWR-applicationName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserSiteClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #14
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//WorkflowData/DEEWR-applicationName] [//WorkflowData/DEEWR-claimTypeName] claims for [//Target/DisplayName], sub key [//WorkflowData/DEEWR-subKeyName]
ResourceQuery /DEEWR-claim[(DEEWR-applicationID = '[//Target/DEEWR-appID]') and (DEEWR-subKeyID = '[//WorkflowData/DEEWR-subKeyID]') and (DEEWR-claimTypeID = '[//WorkflowData/DEEWR-claimTypeID]') and (DEEWR-userID = '[//Target/ObjectID]')]
ExtraAttributes DEEWR-applicationID=guid:[//Target/DEEWR-appID] DEEWR-claimTypeID=guid:[//WorkflowData/DEEWR-claimTypeID] DEEWR-userID=guid:[//Target/ObjectID] DEEWR-claimValueType=string:string DEEWR-claimValue=string:[//WorkflowData/DEEWR-claimValue] Description=string:[//WorkflowData/DEEWR-claimTypeName]s [//WorkflowData/DEEWR-claimValue] DEEWR-subKeyName=string:[//WorkflowData/DEEWR-subKeyName] DEEWR-subKeyID=guid:[//WorkflowData/DEEWR-subKeyID] DEEWR-claimValueID=guid[]:[//WorkflowData/ObjectID]
DeleteIfFound False
InsertIfNotFound True
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateUserSiteClaims.log
OverwriteLogFile False
LogMode minimal
11. DEEWR-Create or update user IAMOSC ADMIN ROLE claims ^Top
ObjectID DEEWR-Create or update user IAMOSC ADMIN ROLE claims
CreatedTime 17/08/2011 7:28:29
Description Create or update user IAMOSC ADMIN ROLE claims
DisplayName DEEWR-Create or update user IAMOSC ADMIN ROLE claims
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Initialize DEEWR-claimValue
Destination [//WorkflowData/DEEWR-claimValue]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
FunctionActivity
Description Default ObjectID
Destination [//WorkflowData/ObjectID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #3
FunctionActivity
Description DEEWR-subKeyBinding
Destination [//WorkflowData/DEEWR-subKeyBinding]
FunctionExpression <fn id="SingleValueAssignment" isCustomExpression="false"><arg>"Company"</arg></fn>
isCustomExpression
Workflow Activity #4
FunctionActivity
Description Initialise DEEWR-subKeyID
Destination [//WorkflowData/DEEWR-subKeyID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #5
FunctionActivity
Description Initialise DEEWR-subKeyName
Destination [//WorkflowData/DEEWR-subKeyName]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #6
LookupPropertiesActivity
XPathFilter /DEEWR-claimType[DEEWR-roleID='[//Target/DEEWR-roleID]']
AttributeNames ObjectID=DEEWR-claimTypeID DisplayName=DEEWR-claimTypeName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateIAMOSCAdminRoleClaims.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #7
LookupPropertiesActivity
XPathFilter /DEEWR-esg-org[(ObjectID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-organisationID)]
AttributeNames ObjectID DisplayName=DEEWR-claimValue
SaveWorkflowDataStorageMode List
LogFile D:\Logs\FIMService\CreateOrUpdateIAMOSCAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #8
LookupPropertiesActivity
XPathFilter /ConstantSpecifier[DisplayName='None']
AttributeNames ObjectID=DEEWR-subKeyID Description=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateIAMOSCAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #9
LookupPropertiesActivity
XPathFilter /DEEWR-App[DisplayName='IAM']
AttributeNames ObjectID=DEEWR-appID DisplayName=DEEWR-applicationName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateIAMOSCAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #10
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//WorkflowData/DEEWR-applicationName] [//WorkflowData/DEEWR-claimTypeName] claims for [//Target/DisplayName], sub key [//WorkflowData/DEEWR-subKeyName]
ResourceQuery /DEEWR-claim[(DEEWR-applicationID = '[//WorkflowData/DEEWR-appID]') and (DEEWR-subKeyID = '[//WorkflowData/DEEWR-subKeyID]') and (DEEWR-claimTypeID = '[//WorkflowData/DEEWR-claimTypeID]') and (DEEWR-userID = '[//Target/ObjectID]')]
ExtraAttributes DEEWR-applicationID=guid:[//WorkflowData/DEEWR-appID] DEEWR-claimTypeID=guid:[//WorkflowData/DEEWR-claimTypeID] DEEWR-userID=guid:[//Target/ObjectID] DEEWR-claimValueType=string:string DEEWR-claimValue=string:[//WorkflowData/DEEWR-claimValue] Description=string:[//WorkflowData/DEEWR-claimTypeName]s [//WorkflowData/DEEWR-claimValue] DEEWR-subKeyName=string:[//WorkflowData/DEEWR-subKeyName] DEEWR-subKeyID=guid:[//WorkflowData/DEEWR-subKeyID] DEEWR-claimValueID=guid[]:[//WorkflowData/ObjectID]
DeleteIfFound False
InsertIfNotFound True
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateIAMOSCAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
12. DEEWR-Create or update user IAMSSC ADMIN ROLE claims ^Top
ObjectID DEEWR-Create or update user IAMSSC ADMIN ROLE claims
CreatedTime 1/06/2011 2:01:32
Description Create or update user IAMSSC ADMIN ROLE claims
DisplayName DEEWR-Create or update user IAMSSC ADMIN ROLE claims
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Initialize DEEWR-claimValue
Destination [//WorkflowData/DEEWR-claimValue]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
FunctionActivity
Description Default ObjectID
Destination [//WorkflowData/ObjectID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #3
FunctionActivity
Description DEEWR-subKeyBinding
Destination [//WorkflowData/DEEWR-subKeyBinding]
FunctionExpression <fn id="SingleValueAssignment" isCustomExpression="false"><arg>"Company"</arg></fn>
isCustomExpression
Workflow Activity #4
FunctionActivity
Description Initialise DEEWR-subKeyID
Destination [//WorkflowData/DEEWR-subKeyID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #5
FunctionActivity
Description Initialise DEEWR-subKeyName
Destination [//WorkflowData/DEEWR-subKeyName]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #6
LookupPropertiesActivity
XPathFilter /DEEWR-claimType[DEEWR-roleID='[//Target/DEEWR-roleID]']
AttributeNames ObjectID=DEEWR-claimTypeID DisplayName=DEEWR-claimTypeName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateIAMSSCAdminRoleClaims.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #7
LookupPropertiesActivity
XPathFilter /DEEWR-esg-site[(ObjectID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-siteID)]
AttributeNames ObjectID DisplayName=DEEWR-claimValue
SaveWorkflowDataStorageMode List
LogFile D:\Logs\FIMService\CreateOrUpdateIAMSSCAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #8
LookupPropertiesActivity
XPathFilter /ConstantSpecifier[DisplayName='None']
AttributeNames ObjectID=DEEWR-subKeyID Description=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateIAMSSCAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #9
LookupPropertiesActivity
XPathFilter /DEEWR-esg-org[(ObjectID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-organisationID)]
AttributeNames ObjectID=DEEWR-subKeyID Description=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateIAMSSCAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #10
LookupPropertiesActivity
XPathFilter /DEEWR-App[DisplayName='IAM']
AttributeNames ObjectID=DEEWR-appID DisplayName=DEEWR-applicationName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateIAMSSCAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #11
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//WorkflowData/DEEWR-applicationName] [//WorkflowData/DEEWR-claimTypeName] claims for [//Target/DisplayName], sub key [//WorkflowData/DEEWR-subKeyName]
ResourceQuery /DEEWR-claim[(DEEWR-applicationID = '[//WorkflowData/DEEWR-appID]') and (DEEWR-subKeyID = '[//WorkflowData/DEEWR-subKeyID]') and (DEEWR-claimTypeID = '[//WorkflowData/DEEWR-claimTypeID]') and (DEEWR-userID = '[//Target/ObjectID]')]
ExtraAttributes DEEWR-applicationID=guid:[//WorkflowData/DEEWR-appID] DEEWR-claimTypeID=guid:[//WorkflowData/DEEWR-claimTypeID] DEEWR-userID=guid:[//Target/ObjectID] DEEWR-claimValueType=string:string DEEWR-claimValue=string:[//WorkflowData/DEEWR-claimValue] Description=string:[//WorkflowData/DEEWR-claimTypeName]s [//WorkflowData/DEEWR-claimValue] DEEWR-subKeyName=string:[//WorkflowData/DEEWR-subKeyName] DEEWR-subKeyID=guid:[//WorkflowData/DEEWR-subKeyID] DEEWR-claimValueID=guid[]:[//WorkflowData/ObjectID]
DeleteIfFound False
InsertIfNotFound True
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateIAMSSCAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
13. DEEWR-Create or update user OTHER ADMIN ROLE claims ^Top
ObjectID DEEWR-Create or update user OTHER ADMIN ROLE claims
CreatedTime 17/08/2011 7:34:03
Description Create or update user OTHER ADMIN ROLE claims
DisplayName DEEWR-Create or update user OTHER ADMIN ROLE claims
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Initialize DEEWR-claimValue
Destination [//WorkflowData/DEEWR-claimValue]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
FunctionActivity
Description Default ObjectID
Destination [//WorkflowData/ObjectID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #3
FunctionActivity
Description DEEWR-subKeyBinding
Destination [//WorkflowData/DEEWR-subKeyBinding]
FunctionExpression <fn id="SingleValueAssignment" isCustomExpression="false"><arg>"Company"</arg></fn>
isCustomExpression
Workflow Activity #4
FunctionActivity
Description Initialise DEEWR-subKeyID
Destination [//WorkflowData/DEEWR-subKeyID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #5
FunctionActivity
Description Initialise DEEWR-subKeyName
Destination [//WorkflowData/DEEWR-subKeyName]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #6
LookupPropertiesActivity
XPathFilter /DEEWR-claimType[DEEWR-roleID='[//Target/DEEWR-roleID]']
AttributeNames ObjectID=DEEWR-claimTypeID DisplayName=DEEWR-claimTypeName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateOtherAdminRoleClaims.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #7
LookupPropertiesActivity
XPathFilter /ConstantSpecifier[DisplayName='None']
AttributeNames ObjectID DisplayName=DEEWR-claimValue
SaveWorkflowDataStorageMode List
LogFile D:\Logs\FIMService\CreateOrUpdateOtherAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #8
LookupPropertiesActivity
XPathFilter /ConstantSpecifier[DisplayName='None']
AttributeNames ObjectID=DEEWR-subKeyID Description=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateOtherAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #9
LookupPropertiesActivity
XPathFilter /DEEWR-App[DisplayName='IAM']
AttributeNames ObjectID=DEEWR-appID DisplayName=DEEWR-applicationName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateOtherAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #10
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//WorkflowData/DEEWR-applicationName] [//WorkflowData/DEEWR-claimTypeName] claims for [//Target/DisplayName], sub key [//WorkflowData/DEEWR-subKeyName]
ResourceQuery /DEEWR-claim[(DEEWR-applicationID = '[//WorkflowData/DEEWR-appID]') and (DEEWR-subKeyID = '[//WorkflowData/DEEWR-subKeyID]') and (DEEWR-claimTypeID = '[//WorkflowData/DEEWR-claimTypeID]') and (DEEWR-userID = '[//Target/ObjectID]')]
ExtraAttributes DEEWR-applicationID=guid:[//WorkflowData/DEEWR-appID] DEEWR-claimTypeID=guid:[//WorkflowData/DEEWR-claimTypeID] DEEWR-userID=guid:[//Target/ObjectID] DEEWR-claimValueType=string:string DEEWR-claimValue=string:[//WorkflowData/DEEWR-claimValue] Description=string:[//WorkflowData/DEEWR-claimTypeName]s [//WorkflowData/DEEWR-claimValue] DEEWR-subKeyName=string:[//WorkflowData/DEEWR-subKeyName] DEEWR-subKeyID=guid:[//WorkflowData/DEEWR-subKeyID] DEEWR-claimValueID=guid[]:[//WorkflowData/ObjectID]
DeleteIfFound False
InsertIfNotFound True
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\CreateOrUpdateOtherAdminRoleClaims.log
OverwriteLogFile False
LogMode minimal
14. DEEWR-Delete invalid user claims for Org and Application ^Top
ObjectID DEEWR-Delete invalid user claims for Org and Application
CreatedTime 9/05/2011 9:10:22
Description Delete invalid user claims for ORG and APPLICATION
DisplayName DEEWR-Delete invalid user claims for Org and Application
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName Invalidated claims for [//Target/DisplayName]
ResourceQuery /DEEWR-claim[(DEEWR-applicationID = '[//Requestor/DEEWR-currentApplicationID]') and (DEEWR-userID = '[//Target/ObjectID]') and (DEEWR-subKeyID != /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-organisationID)]
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DeleteUserClaimsForOrgAndApplication.log
OverwriteLogFile True
LogMode minimal
15. DEEWR-Delete invitation where invitee not resolved ^Top
ObjectID DEEWR-Delete invitation where invitee not resolved
CreatedTime 13/05/2011 6:31:54
Description Delete a DEEWR invitation where invitee cannot be resolved
DisplayName DEEWR-Delete invitation where invitee not resolved
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
LookupPropertiesActivity
XPathFilter /DEEWR-esg-invitation[ObjectID='[//Target/ObjectID]']
AttributeNames DEEWR-esg-inviter=inviter
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRDeleteInvitationWhereInviteeNotResolved.log
OverwriteLogFile True
LogMode verbose
Workflow Activity #2
UpdateResourceFromWorkflowData
ObjectType DEEWR-esg-invitation
DisplayName [//Target/Description]
ResourceQuery /DEEWR-esg-invitation[ObjectID='[//Target/ObjectID]']
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRDeleteInvitationWhereInviteeNotResolved.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #3
EmailNotificationActivity
To [//WorkflowData/inviter];
EmailTemplate f1dfbb93-944b-42af-abb6-314dcd3ae133
16. DEEWR-Delete Object by ID ^Top
ObjectID DEEWR-Delete Object by ID
CreatedTime 12/05/2011 6:51:11
Description Delete an object for a given resource ID
DisplayName DEEWR-Delete Object by ID
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType Resource
DisplayName [//Target/DisplayName]
ResourceQuery /*[ObjectID='[//Target/ObjectID]']
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRDeleteObjectByID.log
OverwriteLogFile True
LogMode minimal
17. DEEWR-Delete rejected invitation ^Top
ObjectID DEEWR-Delete rejected invitation
CreatedTime 16/05/2011 12:38:22
Description Delete a DEEWR invitation which has been rejected
DisplayName DEEWR-Delete rejected invitation
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
LookupPropertiesActivity
XPathFilter /DEEWR-esg-invitation[ObjectID='[//Target/ObjectID]']
AttributeNames DEEWR-esg-inviter=inviter
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRDeleteRejectedInvitation.log
OverwriteLogFile True
LogMode verbose
Workflow Activity #2
UpdateResourceFromWorkflowData
ObjectType DEEWR-esg-invitation
DisplayName [//Target/Description]
ResourceQuery /DEEWR-esg-invitation[ObjectID='[//Target/ObjectID]']
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRDeleteRejectedInvitation.log
OverwriteLogFile False
LogMode verbose
Workflow Activity #3
EmailNotificationActivity
To [//WorkflowData/inviter];
EmailTemplate 12135fde-472f-4d0b-81e3-681e5c1ce8bf
18. DEEWR-Delete user ESG ORG claims ^Top
ObjectID DEEWR-Delete user ESG ORG claims
CreatedTime 28/06/2011 7:54:19
Description Delete invalid ESG ORG claims for a user
DisplayName DEEWR-Delete user ESG ORG claims
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//Target/DisplayName]
ResourceQuery /DEEWR-claim[(DEEWR-userID = '[//Target/ObjectID]') and (DEEWR-claimTypeID = /DEEWR-claimType[DisplayName='Org']) and not(DEEWR-claimValueID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-organisationID)]
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DeleteUserOrgClaims.log
OverwriteLogFile True
LogMode minimal
19. DEEWR-Delete user ESG ROLE claims ^Top
ObjectID DEEWR-Delete user ESG ROLE claims
CreatedTime 28/06/2011 8:30:24
Description Delete ESG ROLE claims for a user
DisplayName DEEWR-Delete user ESG ROLE claims
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//Target/DisplayName]
ResourceQuery /DEEWR-claim[(DEEWR-userID = '[//Target/ObjectID]') and (DEEWR-claimTypeID = /DEEWR-claimType[DisplayName='Role']) and not(DEEWR-claimValueID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-roleID)]
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DeleteUserRoleClaims.log
OverwriteLogFile True
LogMode minimal
20. DEEWR-Delete user ESG SITE claims ^Top
ObjectID DEEWR-Delete user ESG SITE claims
CreatedTime 28/06/2011 8:28:47
Description Delete invalid ESG SITE claims for a user
DisplayName DEEWR-Delete user ESG SITE claims
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//Target/DisplayName]
ResourceQuery /DEEWR-claim[(DEEWR-userID = '[//Target/ObjectID]') and (DEEWR-claimTypeID = /DEEWR-claimType[DisplayName='Site']) and not(DEEWR-claimValueID = /Person[ObjectID='[//Target/ObjectID]']/DEEWR-esg-siteID)]
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DeleteUserSiteClaims.log
OverwriteLogFile True
LogMode minimal
21. DEEWR-New users are set with default properties ^Top
ObjectID DEEWR-New users are set with default properties
CreatedTime 15/07/2011 2:27:05
Description New users are set with default properties such as application
DisplayName DEEWR-New users are set with default properties
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
LookupPropertiesActivity
XPathFilter /DEEWR-App[DisplayName='ESS']
AttributeNames ObjectID=DefaultAppID
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRNewUsersAreSetWithDefaultProperties.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #2
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[ObjectID='[//Target/ObjectID]']
ExtraAttributes DEEWR-appID=guid[]:[//WorkflowData/DefaultAppID]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRNewUsersAreSetWithDefaultProperties.log
OverwriteLogFile False
LogMode minimal
22. DEEWR-Notify invitee resolved OK ^Top
ObjectID DEEWR-Notify invitee resolved OK
CreatedTime 17/05/2011 7:45:55
Description A notification (to the inviter for now) is sent when an invitee is successfully resolved to a FIM user
DisplayName DEEWR-Notify invitee resolved OK
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Target/DEEWR-esg-inviter]']
AttributeNames ObjectID=Inviter
SaveWorkflowDataStorageMode Object
LogFile
OverwriteLogFile True
LogMode minimal
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Target/DEEWR-userID]']
AttributeNames ObjectID=Invitee
SaveWorkflowDataStorageMode Object
LogFile Enter the full file path of the log file to be written.
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
EmailNotificationActivity
To [//WorkflowData/Inviter];
EmailTemplate 5dff9457-5b1d-49c6-b170-ea923f7e7e0a
Workflow Activity #4
EmailNotificationActivity
To [//WorkflowData/Invitee];
EmailTemplate 7de82296-6728-4446-8f08-75573dad6ca6
23. DEEWR-Outbound workflow for Claims to SQL ^Top
ObjectID DEEWR-Outbound workflow for Claims to SQL
CreatedTime 19/04/2011 2:04:40
Description Provision claims to SQL and bring back the SQL key (Claim ID)
DisplayName DEEWR-Outbound workflow for Claims to SQL
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
SynchronizationRuleActivity
SynchronizationRuleId ae481500-73c5-43d1-8e1f-6cba49ba7ee3
Action Remove
AttributeId 00000000-0000-0000-0000-000000000000
AddValue {x:Null}
RemoveValue {x:Null}
Workflow Activity #2
SynchronizationRuleActivity
SynchronizationRuleId ae481500-73c5-43d1-8e1f-6cba49ba7ee3
Action Add
AttributeId 00000000-0000-0000-0000-000000000000
AddValue {x:Null}
RemoveValue {x:Null}
24. DEEWR-Outbound Workflow for Users to AD ^Top
ObjectID DEEWR-Outbound Workflow for Users to AD
CreatedTime 16/02/2011 23:42:05
Description Outbound Workflow for Users to AD
DisplayName DEEWR-Outbound Workflow for Users to AD
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
SynchronizationRuleActivity
SynchronizationRuleId d82aa4d8-f7b7-448c-962c-c14fe48856a7
Action Remove
AttributeId 00000000-0000-0000-0000-000000000000
AddValue {x:Null}
RemoveValue {x:Null}
Workflow Activity #2
SynchronizationRuleActivity
SynchronizationRuleId d82aa4d8-f7b7-448c-962c-c14fe48856a7
Action Add
AttributeId 00000000-0000-0000-0000-000000000000
AddValue {x:Null}
RemoveValue {x:Null}
25. DEEWR-Recalculate org admins for an org ^Top
ObjectID DEEWR-Recalculate org admins for an org
CreatedTime 24/08/2011 3:26:16
Description Housekeeping workflow to recalculate Person.DEEWR-esg-orgUserID (org admins, or IAMOSCs) for all users with matching org claims
DisplayName DEEWR-Recalculate org admins for an org
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
FunctionActivity
Description Initialize OrgAdmins
Destination [//WorkflowData/OrgAdmins]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMOSC']) and (DEEWR-claimValueID=/DEEWR-esg-org[DisplayName='[//Target/DisplayName]']) ]/DEEWR-userID
AttributeNames ObjectID=OrgAdmins
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRRecalculateOrgAdminsForAnOrg.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[ not(DEEWR-esg-orgUserID = /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMOSC']) and (DEEWR-claimValueID=/DEEWR-esg-org[DisplayName='[//Target/DisplayName]']) ]/DEEWR-userID ) and not(ObjectID = /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMOSC']) and (DEEWR-claimValueID=/DEEWR-esg-org[DisplayName='[//Target/DisplayName]']) ]/DEEWR-userID ) and (ObjectID = /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Org']) and (DEEWR-claimValueID=/DEEWR-esg-org[DisplayName='[//Target/DisplayName]']) ]/DEEWR-userID) ]
ExtraAttributes DEEWR-esg-orgUserID=guid[]:[//WorkflowData/OrgAdmins]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRRecalculateOrgAdminsForAnOrg.log
OverwriteLogFile False
LogMode verbose
26. DEEWR-Recalculate site admins for a site ^Top
ObjectID DEEWR-Recalculate site admins for a site
CreatedTime 24/08/2011 7:51:09
Description Housekeeping workflow to recalculate Person.DEEWR-esg-siteUserID (site admins, or IAMSSCs) for all users with matching site claims
DisplayName DEEWR-Recalculate site admins for a site
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
FunctionActivity
Description Initialize SiteAdmins
Destination [//WorkflowData/SiteAdmins]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMSSC']) and (DEEWR-claimValueID=/DEEWR-esg-site[DisplayName='[//Target/DisplayName]']) ]/DEEWR-userID
AttributeNames ObjectID=SiteAdmins
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRRecalculateSiteAdminsForASite.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[ not(DEEWR-esg-siteUserID = /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMSSC']) and (DEEWR-claimValueID=/DEEWR-esg-site[DisplayName='[//Target/DisplayName]']) ]/DEEWR-userID ) and not(ObjectID = /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMSSC']) and (DEEWR-claimValueID=/DEEWR-esg-site[DisplayName='[//Target/DisplayName]']) ]/DEEWR-userID ) and (ObjectID = /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Site']) and (DEEWR-claimValueID=/DEEWR-esg-site[DisplayName='[//Target/DisplayName]']) ]/DEEWR-userID) ]
ExtraAttributes DEEWR-esg-siteUserID=guid[]:[//WorkflowData/SiteAdmins]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRRecalculateSiteAdminsForASite.log
OverwriteLogFile False
LogMode verbose
27. DEEWR-Remove invalid esg roles for user sites ^Top
ObjectID DEEWR-Remove invalid esg roles for user sites
CreatedTime 11/05/2011 1:15:50
Description Remove any role selections for a user which no longer match the selected sites (via site-contract-role or org-role)
DisplayName DEEWR-Remove invalid esg roles for user sites
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Default DEEWR-esg-roleID
Destination [//WorkflowData/DEEWR-esg-roleID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /DEEWR-esg-role[(ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-roleID) and not((ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-siteID/DEEWR-esg-contractID/DEEWR-esg-roleID) or (ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-orgID/DEEWR-esg-roleID))]
AttributeNames ObjectID=DEEWR-esg-roleID
SaveWorkflowDataStorageMode List
LogFile D:\Logs\FIMService\RemoveInvalidEsgRolesForUserSites.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[(ObjectID = '[//Target/ObjectID]') and (DEEWR-esg-roleID = /DEEWR-esg-role[(ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-roleID) and not((ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-siteID/DEEWR-esg-contractID/DEEWR-esg-roleID) or (ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-orgID/DEEWR-esg-roleID))])]
ExtraAttributes DEEWR-esg-roleID=guid[]:[//WorkflowData/DEEWR-esg-roleID]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\RemoveInvalidEsgRolesForUserSites.log
OverwriteLogFile False
LogMode minimal
28. DEEWR-Remove invalid esg sites and roles for user orgs ^Top
ObjectID DEEWR-Remove invalid esg sites and roles for user orgs
CreatedTime 6/05/2011 4:38:03
Description Remove any site and role selections for a user which no longer match the selected orgs
DisplayName DEEWR-Remove invalid esg sites and roles for user orgs
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Default DEEWR-esg-siteID
Destination [//WorkflowData/DEEWR-esg-siteID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /DEEWR-esg-site[(ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-siteID) and (ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-organisationID/DEEWR-esg-siteID)]
AttributeNames ObjectID=DEEWR-esg-siteID
SaveWorkflowDataStorageMode List
LogFile D:\Logs\FIMService\RemoveInvalidEsgSitesAndRolesForOrgs.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[(ObjectID = '[//Target/ObjectID]') and (DEEWR-esg-siteID = /DEEWR-esg-site[(ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-siteID) and (ObjectID != /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-organisationID/DEEWR-esg-siteID)])]
ExtraAttributes DEEWR-esg-siteID=guid[]:[//WorkflowData/DEEWR-esg-siteID]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\RemoveInvalidEsgSitesAndRolesForOrgs.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #4
FunctionActivity
Description Default DEEWR-esg-roleID
Destination [//WorkflowData/DEEWR-esg-roleID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #5
LookupPropertiesActivity
XPathFilter /DEEWR-esg-role[(ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-roleID) and not((ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-orgID/DEEWR-esg-siteID/DEEWR-esg-contractID/DEEWR-esg-roleID) or (ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-orgID/DEEWR-esg-roleID))]
AttributeNames ObjectID=DEEWR-esg-roleID
SaveWorkflowDataStorageMode List
LogFile D:\Logs\FIMService\RemoveInvalidEsgSitesAndRolesForOrgs.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #6
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[(ObjectID = '[//Target/ObjectID]') and (DEEWR-esg-roleID = /DEEWR-esg-role[(ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-roleID) and not((ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-siteID/DEEWR-esg-contractID/DEEWR-esg-roleID) or (ObjectID = /Person[ObjectID = '[//Target/ObjectID]']/DEEWR-esg-orgID/DEEWR-esg-roleID))])]
ExtraAttributes DEEWR-esg-roleID=guid[]:[//WorkflowData/DEEWR-esg-roleID]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\RemoveInvalidEsgSitesAndRolesForOrgs.log
OverwriteLogFile False
LogMode minimal
29. DEEWR-Remove org admins for an OSC and delete claim ^Top
ObjectID DEEWR-Remove org admins for an OSC and delete claim
CreatedTime 18/05/2011 1:35:58
Description Users assigned to a ORG must also be updated when the set of corresponding OSCs changes (removals) as a result of the removal of an IAMOSC admin role claim
DisplayName DEEWR-Remove org admins for an OSC and delete claim
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[ (DEEWR-esg-orgUserID = '[//Target/DEEWR-userID]') and not(ObjectID= /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Org']) and (DEEWR-claimValueID=/DEEWR-claim[ObjectID='[//Target/ObjectID]']/DEEWR-claimValueID) ]/DEEWR-userID) and not(ObjectID ='[//Target/DEEWR-userID]') ]
ExtraAttributes DEEWR-esg-orgUserID=guid:-[//Target/DEEWR-userID]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRRemoveOrgAdminsForAnOSC.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #2
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//Target/DisplayName]
ResourceQuery /DEEWR-claim[ObjectID='[//Target/ObjectID]' and not(DEEWR-claimValueID=/*)]
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRRemoveOrgAdminsForAnOSC.log
OverwriteLogFile False
LogMode minimal
30. DEEWR-Remove site admins for an SSC and delete claim ^Top
ObjectID DEEWR-Remove site admins for an SSC and delete claim
CreatedTime 18/05/2011 1:06:40
Description Users assigned to a SITE must also be updated when the set of corresponding SSCs changes (removals) as a result of the removal of an IAMSSC admin role claim
DisplayName DEEWR-Remove site admins for an SSC and delete claim
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[ (DEEWR-esg-siteUserID = '[//Target/DEEWR-userID]') and not(ObjectID= /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Site']) and (DEEWR-claimValueID=/DEEWR-claim[ObjectID='[//Target/ObjectID]']/DEEWR-claimValueID) ]/DEEWR-userID) and not(ObjectID ='[//Target/DEEWR-userID]') ]
ExtraAttributes DEEWR-esg-siteUserID=guid:-[//Target/DEEWR-userID]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRRemoveSiteAdminsForAnSSC.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #2
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//Target/DisplayName]
ResourceQuery /DEEWR-claim[ObjectID='[//Target/ObjectID]' and not(DEEWR-claimValueID=/*)]
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRRemoveSiteAdminsForAnSSC.log
OverwriteLogFile False
LogMode minimal
31. DEEWR-Reset OSCs for a user ^Top
ObjectID DEEWR-Reset OSCs for a user
CreatedTime 22/08/2011 4:12:34
Description Reset OSCs for a user
DisplayName DEEWR-Reset OSCs for a user
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
FunctionActivity
Description Initialize OrgAdmins
Destination [//WorkflowData/OrgAdmins]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMOSC']) and (DEEWR-applicationID=/DEEWR-App[DisplayName='IAM']) and (DEEWR-claimValueID=/DEEWR-claim[ ( DEEWR-applicationID=/DEEWR-App[ObjectID='[//Target/DEEWR-appID]'] or DEEWR-applicationID=/DEEWR-App[DisplayName='IAM'] ) and (DEEWR-userID='[//Target/ObjectID]') and (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Org'])]/DEEWR-claimValueID ) ]/DEEWR-userID
AttributeNames ObjectID=OrgAdmins
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRResetOSCsForAUser.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[ (ObjectID='[//Target/ObjectID]') ]
ExtraAttributes DEEWR-esg-orgUserID=guid[]:None DEEWR-esg-orgUserID=guid[]:[//WorkflowData/OrgAdmins]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRResetOSCsForAUser.log
OverwriteLogFile False
LogMode minimal
32. DEEWR-Reset SSCs for a user ^Top
ObjectID DEEWR-Reset SSCs for a user
CreatedTime 22/08/2011 4:16:48
Description Reset SSCs for a user
DisplayName DEEWR-Reset SSCs for a user
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
FunctionActivity
Description Initialize SiteAdmins
Destination [//WorkflowData/SiteAdmins]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMSSC']) and (DEEWR-applicationID=/DEEWR-App[DisplayName='IAM']) and (DEEWR-claimValueID=/DEEWR-claim[ ( DEEWR-applicationID=/DEEWR-App[ObjectID='[//Target/DEEWR-appID]'] or DEEWR-applicationID=/DEEWR-App[DisplayName='IAM'] ) and (DEEWR-userID='[//Target/ObjectID]') and (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Site'])]/DEEWR-claimValueID )]/DEEWR-userID
AttributeNames ObjectID=SiteAdmins
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRResetSSCsForAUser.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[ (ObjectID='[//Target/ObjectID]') and not(DEEWR-esg-siteUserID=/DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMSSC']) and (DEEWR-applicationID=/DEEWR-App[ (DisplayName='IAM') or (ObjectID='[//Target/DEEWR-appID]') ]) and (DEEWR-applicationID=/DEEWR-App[DisplayName='IAM']) and (DEEWR-claimValueID=/DEEWR-claim[ (DEEWR-userID='[//Target/ObjectID]') and (DEEWR-applicationID=/DEEWR-App[ (DisplayName='IAM') or (ObjectID='[//Target/DEEWR-appID]') ]) and (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Site']) ]/DEEWR-claimValueID) ]/DEEWR-userID) ]
ExtraAttributes DEEWR-esg-siteUserID=guid[]:None DEEWR-esg-siteUserID=guid[]:[//WorkflowData/SiteAdmins]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRResetSSCsForAUser.log
OverwriteLogFile False
LogMode minimal
33. DEEWR-Resolve org invitee ^Top
ObjectID DEEWR-Resolve org invitee
CreatedTime 13/05/2011 5:30:16
Description Resolve the invitee on a new org (only) invitation
DisplayName DEEWR-Resolve org invitee
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Initialize DEEWR-userID
Destination [//WorkflowData/DEEWR-userID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /Person[AccountName='[//Target/DEEWR-esg-invitee]']
AttributeNames ObjectID=DEEWR-userID
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRResolveOrgInvitee.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
UpdateResourceFromWorkflowData
ObjectType DEEWR-esg-invitation
DisplayName [//Target/DEEWR-esg-invitee]
ResourceQuery /DEEWR-esg-invitation[ObjectID='[//Target/ObjectID]']
ExtraAttributes Description=string:[//Target/DEEWR-esg-invitee] to join Org(s) DEEWR-userID=guid:[//WorkflowData/DEEWR-userID] DEEWR-esg-isAccepted=boolean:NULL DisplayName=string:[//Target/DEEWR-esg-invitee] to join Org(s)
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRResolveOrgInvitee.log
OverwriteLogFile False
LogMode minimal
34. DEEWR-Set claim sync values ^Top
ObjectID DEEWR-Set claim sync values
CreatedTime 19/04/2011 5:31:43
Description Set the redundantly stored display name value for each referenced claim binding to sync to the claims database
DisplayName DEEWR-Set claim sync values
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate True
Workflow Activity #1
FunctionActivity
Description Initialize DEEWR-claimValue
Destination [//WorkflowData/DEEWR-claimValue]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /DEEWR-App[ObjectID='[//Target/DEEWR-applicationID]']
AttributeNames DisplayName=DEEWR-applicationName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\SetClaimSyncValues.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
LookupPropertiesActivity
XPathFilter /DEEWR-claimType[ObjectID='[//Target/DEEWR-claimTypeID]']
AttributeNames DisplayName=DEEWR-claimTypeName Description=DEEWR-uri DEEWR-claimValueType
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\SetClaimSyncValues.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #4
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Target/DEEWR-userID]']
AttributeNames AccountName=DEEWR-userIDName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\SetClaimSyncValues.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #5
LookupPropertiesActivity
XPathFilter /*[ObjectID=/DEEWR-claim[ObjectID='[//Target/ObjectID]']/DEEWR-claimValueID]
AttributeNames DisplayName=DEEWR-claimValue
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\SetClaimSyncValues.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #6
LookupPropertiesActivity
XPathFilter /*[ObjectID='[//Target/DEEWR-subKeyID]']
AttributeNames DisplayName=DEEWR-subKeyName
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\SetClaimSyncValues.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #7
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//Target/DisplayName]
ResourceQuery /DEEWR-claim[ ObjectID='[//Target/ObjectID]' and ( not(DisplayName='[//WorkflowData/DEEWR-claimValue]') or not(DEEWR-claimTypeName='[//WorkflowData/DEEWR-uri]') or not(DEEWR-applicationName='[//WorkflowData/DEEWR-applicationName]') or not(DEEWR-userIDName='[//WorkflowData/DEEWR-userIDName]'))]
ExtraAttributes DEEWR-claimTypeName=string:[//WorkflowData/DEEWR-uri] DEEWR-applicationName=string:[//WorkflowData/DEEWR-applicationName] DEEWR-userIDName=string:[//WorkflowData/DEEWR-userIDName] DEEWR-claimValue=string:[//WorkflowData/DEEWR-claimValue] Description=string:[//WorkflowData/DEEWR-claimTypeName]s [//WorkflowData/DEEWR-claimValue] DisplayName=string:[//WorkflowData/DEEWR-applicationName] [//WorkflowData/DEEWR-claimTypeName] claims for [//WorkflowData/DEEWR-userIDName], sub key [//WorkflowData/DEEWR-subKeyName] DEEWR-claimIDName=string:[//Target/ObjectID] DEEWR-claimValueType=string:[//WorkflowData/DEEWR-claimValueType] DEEWR-subKeyName=string:[//WorkflowData/DEEWR-subKeyName]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\SetClaimSyncValues.log
OverwriteLogFile False
LogMode minimal
35. DEEWR-Set OSCs for a user ORG claim ^Top
ObjectID DEEWR-Set OSCs for a user ORG claim
CreatedTime 17/05/2011 7:14:02
Description Users assigned to a ORG must also be linked to the set of corresponding OSCs ... note that this Workflow runs in the context of a CLAIM not a USER
DisplayName DEEWR-Set OSCs for a user ORG claim
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Default OrgAdmins
Destination [//WorkflowData/OrgAdmins]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMOSC']) and (DEEWR-applicationID=/DEEWR-App[DisplayName='IAM']) and (DEEWR-claimValueID=/DEEWR-claim[ (DEEWR-userID='[//Target/DEEWR-userID]') and (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Org'])]/DEEWR-claimValueID ) ]/DEEWR-userID
AttributeNames ObjectID=OrgAdmins
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRSetOSCsForAUser.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[(ObjectID='[//Target/DEEWR-userID]')]
ExtraAttributes DEEWR-esg-orgUserID=guid[]:NULL DEEWR-esg-orgUserID=guid[]:[//WorkflowData/OrgAdmins]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRSetOSCsForAUser.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #4
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//Target/DisplayName]
ResourceQuery /DEEWR-claim[(ObjectID='[//Target/ObjectID]') and not(DEEWR-claimValueID=/*)]
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRSetOSCsForAUser.log
OverwriteLogFile False
LogMode minimal
36. DEEWR-Set SSCs for a user SITE claim ^Top
ObjectID DEEWR-Set SSCs for a user SITE claim
CreatedTime 12/07/2011 2:32:20
Description Users assigned to a SITE must also be linked to the set of corresponding SSCs ... note that this Workflow runs in the context of a CLAIM not a USER
DisplayName DEEWR-Set SSCs for a user SITE claim
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Default SiteAdmins
Destination [//WorkflowData/SiteAdmins]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /DEEWR-claim[ (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='IAMSSC']) and (DEEWR-applicationID=/DEEWR-App[DisplayName='IAM']) and (DEEWR-claimValueID=/DEEWR-claim[ (DEEWR-userID='[//Target/DEEWR-userID]') and (DEEWR-claimTypeID=/DEEWR-claimType[DisplayName='Site'])]/DEEWR-claimValueID ) ]/DEEWR-userID
AttributeNames ObjectID=SiteAdmins
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRSetSSCsForAUser.log
OverwriteLogFile True
LogMode minimal
Workflow Activity #3
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName [//Target/DisplayName]
ResourceQuery /Person[(ObjectID='[//Target/DEEWR-userID]')]
ExtraAttributes DEEWR-esg-siteUserID=guid[]:NULL DEEWR-esg-siteUserID=guid[]:[//WorkflowData/SiteAdmins]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRSetSSCsForAUser.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #4
UpdateResourceFromWorkflowData
ObjectType DEEWR-claim
DisplayName [//Target/DisplayName]
ResourceQuery /DEEWR-claim[(ObjectID='[//Target/ObjectID]') and not(DEEWR-claimValueID=/*)]
ExtraAttributes
DeleteIfFound True
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRSetSSCsForAUser.log
OverwriteLogFile False
LogMode minimal
37. DEEWR-Update ADMIN ROLE claims for a user ^Top
ObjectID DEEWR-Update ADMIN ROLE claims for a user
CreatedTime 25/07/2011 7:43:41
Description Update admin role claims for a user
DisplayName DEEWR-Update ADMIN ROLE claims for a user
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
FunctionActivity
Description Initialize DEEWR-adminRoleID
Destination [//WorkflowData/DEEWR-adminRoleID]
FunctionExpression <fn id="Null" isCustomExpression="false" />
isCustomExpression
Workflow Activity #2
LookupPropertiesActivity
XPathFilter /DEEWR-claim[(DEEWR-claimTypeID = /DEEWR-claimType[DEEWR-roleID=/DEEWR-role]) and (DEEWR-claimValueID=/*) and (DEEWR-userID = '[//Target/DEEWR-userID]')]
AttributeNames ObjectID=DEEWR-adminRoleID
SaveWorkflowDataStorageMode List
LogFile D:\Logs\FIMService\DEEWRUpdateAdminRoleClaimsForAUser.log
OverwriteLogFile True
LogMode verbose
Workflow Activity #3
LookupPropertiesActivity
XPathFilter /Person[ObjectID='[//Target/DEEWR-userID]']
AttributeNames DisplayName
SaveWorkflowDataStorageMode List
LogFile D:\Logs\FIMService\DEEWRUpdateAdminRoleClaimsForAUser.log
OverwriteLogFile False
LogMode minimal
Workflow Activity #4
UpdateResourceFromWorkflowData
ObjectType Person
DisplayName Admin role claims for [//WorkflowData/DisplayName]
ResourceQuery /Person[(ObjectID='[//Target/DEEWR-userID]') and not(DEEWR-claimID='[//Target/ObjectID]')]
ExtraAttributes DEEWR-claimID=guid[]:[//WorkflowData/DEEWR-adminRoleID]
DeleteIfFound False
InsertIfNotFound False
SaveWorkflowDataStorageMode Object
LogFile D:\Logs\FIMService\DEEWRUpdateAdminRoleClaimsForAUser.log
OverwriteLogFile False
LogMode verbose
38. Expiration Workflow ^Top
ObjectID Expiration Workflow
CreatedTime 25/10/2010 14:39:22
Description This workflow will delete the resource to which it is applied.
DisplayName Expiration Workflow
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
DeleteResourceActivity
ResourceId {ActivityBind SequentialWorkflow,Path=TargetId}
ActorId {ActivityBind SequentialWorkflow,Path=WorkflowDefinitionId}
39. Filter Validation Workflow for Administrators ^Top
ObjectID Filter Validation Workflow for Administrators
CreatedTime 25/10/2010 14:39:22
DisplayName Filter Validation Workflow for Administrators
ObjectType WorkflowDefinition
RequestPhase Authorization
Workflow Activity #1
FilterValidationActivity
FilterScopeIdentifier 06185A61-75A1-401E-A698-498351B9F9B5
40. Filter Validation Workflow for Non-Administrators ^Top
ObjectID Filter Validation Workflow for Non-Administrators
CreatedTime 25/10/2010 14:39:22
DisplayName Filter Validation Workflow for Non-Administrators
ObjectType WorkflowDefinition
RequestPhase Authorization
Workflow Activity #1
FilterValidationActivity
FilterScopeIdentifier BEB49BB6-2567-40DB-B91E-626A3335E308
41. Group Expiration Notification Workflow ^Top
ObjectID Group Expiration Notification Workflow
CreatedTime 25/10/2010 14:39:22
DisplayName Group Expiration Notification Workflow
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
EmailNotificationActivity
To [//Target/Owner]
EmailTemplate 727756DC-92B3-4861-8CAB-4AB81CA28A3D
42. Group Validation Workflow ^Top
ObjectID Group Validation Workflow
CreatedTime 25/10/2010 14:39:22
DisplayName Group Validation Workflow
ObjectType WorkflowDefinition
RequestPhase Authorization
Workflow Activity #1
GroupValidationActivity
ValidationSemantics All
43. Owner Approval Workflow ^Top
ObjectID Owner Approval Workflow
CreatedTime 25/10/2010 14:39:22
DisplayName Owner Approval Workflow
ObjectType WorkflowDefinition
RequestPhase Authorization
Workflow Activity #1
GroupValidationActivity
ValidationSemantics All
Workflow Activity #2
ApprovalActivity
Approvers [//Target/Owner];
Threshold 1
Duration 3.00:00:00
Escalation {x:Null}
WorkflowServiceAttributes
Workflow Activity #3
GroupValidationActivity
ValidationSemantics All
44. Password Reset Action Workflow ^Top
ObjectID Password Reset Action Workflow
CreatedTime 25/10/2010 14:39:22
DisplayName Password Reset Action Workflow
ObjectType WorkflowDefinition
RequestPhase Action
RunOnPolicyUpdate False
Workflow Activity #1
PWResetActivity
Timeout 5
DocumentType {x:Null}
ReferenceProperties {x:Null}
WorkflowServiceAttributes
45. Password Reset AuthN Workflow ^Top
ObjectID Password Reset AuthN Workflow
ClearRegistration False
CreatedTime 25/10/2010 14:39:22
DisplayName Password Reset AuthN Workflow
ObjectType WorkflowDefinition
RequestPhase Authentication
46. Requestor Validation With Owner Authorization ^Top
ObjectID Requestor Validation With Owner Authorization
CreatedTime 25/10/2010 14:39:22
DisplayName Requestor Validation With Owner Authorization
ObjectType WorkflowDefinition
RequestPhase Authorization
Workflow Activity #1
RequestorValidationActivity
OwnerAuthorization True
47. Requestor Validation Without Owner Authorization ^Top
ObjectID Requestor Validation Without Owner Authorization
CreatedTime 25/10/2010 14:39:22
DisplayName Requestor Validation Without Owner Authorization
ObjectType WorkflowDefinition
RequestPhase Authorization
Workflow Activity #1
RequestorValidationActivity
OwnerAuthorization False
48. System Workflow Required for Registration ^Top
ObjectID System Workflow Required for Registration
CreatedTime 25/10/2010 14:39:22
Description This workflow is a system workflow that is required for any type of registration to work correctly, including registration for Self-service Password Reset. Removing this workflow is not possible.
DisplayName System Workflow Required for Registration
ObjectType WorkflowDefinition
RequestPhase Authentication
Unreferenced Workflow Definitions (not in any MPRs!!!)
  • DEEWR-Recalculate org admins for an org
  • DEEWR-Recalculate site admins for a site