• Sybase and PostgreSQL drivers fail to initialize after IDM 4.9 upgrade.

    Hi, We're having trouble when upgrading IDM 4.8.5 to 4.9. The upgrade itself goes well, but the Sybase and PostgreSQL drivers won't initialize. This is a Production environment hosted in a Windows Server 2019. QA environment is hosted with the same…
  • Read createTimestamp attribute of User from Driver Policy

    I am trying to read the "createTimestamp" attribute value of User and for this I have the below policy. I have the User DN in the local variable but not sure how to read the attribute value directly from user dn that's why using the filter "(&(objectClass…
  • DirXML-PasswordSyncStatus with "fake" 005 Password Synchronization is pending.

    IDM version 4.8.6. I have 2 servers in a replica - server A and server B - and server A is running eDir2eDir driver. When there's a password change, it happens successfully and then I get the following scenario: - server A sets DirXML-PasswordSyncStatus…
  • Driver in IDM trigger push notification for a MFA app

    Hello. So, is there a way for a driver in IDM send or trigger a push notification in an app for example MS Authneticator app? I presume there's a protocol or API or some method the service can be invoked but I could not find much info on it.
  • dircmd:sendDriverCommand - query connected system (AD) not returning values

    Hi, I am working with a services driver (null driver) to query the Active Directory to see if the user exists and retrieve sAMAccountName and email attirbute. I have followed the below article, using dircmd:sendDriverCommand. community.microfocus…
  • SCIM driver and other classess than User/Group

    Hi I have a case where application contains User, Group and Entitlement classes. My aim was to integrate both Group and Entitlement values of application to IDM Entitlement database in order to be able to use those in IDM roles. However Code Map…
  • Block users by system in IDM

    Is there a fine-grained way to have users blocked in each sytem individually? For instance for each connected system an association is created and a user account entitlement is granted. Let's say I have 4 instances of SAP or AD and I want to have rules…
  • AD driver - Powershell support without Exchange

    Hello I aw asked to get rid of the on-prem Exchange infrastructure. With the AD connector, is it possible to call Powershell without Exchange on-prem? I have the impression that it is mandatory. Thanks
  • NetIQ Rest Driver Authorization Query Options handling of string with substring values ~~ translated into GCV any fix?

    Hello We have created NetIQ Rest driver, which has authentication method 2.0 with Authorization query options client_secret, if i add any string value for example => eZk8Q~AaVo2rVk3BivI1h2~0vH3y-dMT~hE0HcDI this string considered a GCV because of…
  • AzureAD Driver NPE from unnecessary modify post creation

    We have the AzureAD driver and it creates UserMailboxes in ExchangeOnline. We send an add event through which contains the following attributes: userPrincipalName displayName givenName mail surname onPremisesImmutableId PrimarySmtpAddress mailNickname…
  • One modify event causes 2 modify events (first remove, second add)

    Hello, I have encountered a strange behaviour of event processing in IDM. The scenario is as follows: The user is being synced from a connected eDirectory to IDV via bidirectional driver. <nds dtdversion="4.0" ndsversion="8.x"> <source> <product…
  • How to sync the reciprocal attributes to target

    Hi, How to sync reciprocal attribute for example equivalenttome on Group to target. When i wrote a policy in CTP to check the availability of the attribute it never becomes true. Policy executes before the reciprocal attribute get added in the eDirectory…
  • Any idea how can we manage the service account in the driver thru PAM?

    How to manage the service account of the driver thru PAM? For example using Application to Application Password Management etc to checkout the service account password via rest api. Because hardcoded service account id and password is prohibited.
  • LDAP Driver is not starting Code(-9010) com.microfocus.database.DBException: createOrOpenMap

    I have two environments of IDM, one is IDM 4.7.3 and the second is IDM 4.8.5. I have exported the LDAP Driver of IDM 4.7.3 from Designer and imported that Driver in the workspace of IDM 4.8.5 then deployed it on IDM 4.8.5 Server. When I started this…
  • SOAP Driver listening only first object's event of eDir2eDir Driver's Job

    I have eDir2eDir Driver where I have one Job and Job Scope is children of the container. The flow is given below whenever the Job will run: 1. eDir2eDir driver clears two attributes from IDV (eDirectory) from the User object. 2. SOAP Driver and…
  • Driver XPath Get XML element value

    I have the XML response in Driver's local variable ' lv-Result '. <?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns="urn:partner.soap.sforce.com" xmlns:xsi="http://www.w3.org/2001…
  • Change "modify" events in REST Driver

    Hello, comunity! I'm implementing a REST driver to control user life cycle in an appliaction. My Add operation works fine, but the modify one is not. I've configured the driver parameters with the <association> in URLExtension and the driver itself…
  • Azure AD shim 5.1.6 GET 404 not found - attribute 'print' no longer supported in queries

    I will keep this short as I have many customers that I need to check: Since this morning, all User GET requests in the Azure AD shim suddenly return 404 NOT FOUND. DirXML: [06/21/23 10:35:09.74]: TRACE: AzureAD_Azure: Request URL : graph.microsoft…
  • Google ....

    Probably the wrong place to went, but am I the only one having an issue that we no longer can use google to search for forum posts ? Google has by far the best search engine, and now we are forced to live with "we think these are the answers you are…
  • Finding the Association Value

    To Whom It May Concern: We are using the "Migrate" feature for a driver in iManager. When the document comes into the driver it looks like this: <nds dtdversion="4.0" ndsversion="8.x"> <source> <product edition="Advanced" version="4.8.6.0000">DirXML…
  • SCIM driver and SCIM AUX Classes

    Hello everyone, I can't find out how to add attributes from an auxiliary SCIM class to SCIM object. We have objects, which base clase are Group (urn:ietf:params:scim:schemas:core:2.0:Group) There is an aux class CyberarkGroup (urn:ietf:params:scim:schemas…
  • SCIM Driver License

    Hi, Are there a specific SCIM driver license, or it is a part of another license? I am of course asking, because I have an expired driver, and cannot find a scim driver license in the customer portal. So I was wondering if is a part of another license…
  • Disjoint set algorithms?

    Hi, Any ideas on how to design disjoint sets in the role and resource driver? I have an alorithm that spreads the user events out nicely. They are after all the entitlements consumers, so there probably will not be a race situation since the same user…
  • Temenos T24 - Has anyone integrated with this core system?

    Temenos T24 - Has anyone integrated with this core system? Apparently it is the most used system among banks in Africa and the Middle East. But I can't find any case of ours.
  • Programmatically updating a large mapping table

    We have a driver that semi-regularly adds rows to a pre-existing mapping table. It has worked fine, all done using your typical dirxml-script XML tokens. However, we see occasionally that the XML written to eDirectory ends up as invalid XML. The…